Web App Security
Protect Applications with Context-Aware Security

Web Application and API Protection (WAAP) with Real-Time App Security Insights

VMware NSX Advanced Load Balancer delivers multi-cloud security to protect applications and microservices from today’s threats and improve ingress control. NSX ALB’s comprehensive solution provides network and application security with a context-aware web application firewall (WAF) to protect against all forms of digital threats. Visibility through advanced analytics and security insights helps customize a comprehensive application security policy per application, microservice, or tenant.

Avi Cloud Services Threat Intelligence </p> <li>

 

NSX ALB WAF offers ingress security through a comprehensive set of web app security features to protect applications and APIs. It helps achieve compliance with GDPR, HIPAA and PCI DSS security standards.  NSX ALB minimizes false positives with a positive security model, WAF learning mode and advanced application security analytics. It protects applications from DDoS attacks, malicious bots and OWASP top 10 threats with real-time app security insights and visibility.

Security and WAF is delivered as part of the NSX ALB Platform which provides a distributed web security fabric with central policy management, on-demand autoscaling, and built-in analytics for securing multi-cloud applications.

I believe there is no valid reason to provision a web application on the internet without a WAF. This is especially important to us since Swisslos needs to be compliant with industry regulations and certifications.

Joris Vuffray
Head of Network & System Management | Swisslos

Optimized Web App Security Pipeline

  • Application allow-list effectively bypasses known, trusted sources such as DAST scan output and internal IP addresses
  • Positive security with WAF learning mode efficiently models good traffic behavior with automatically programmed rules
  • Signature-based protection is based on core rule set (CRS), live feeds from Avi Cloud services and application-specific frameworks

Avi Cloud Services Threat Intelligence Diagram

 

Real-Time App Security Insights

  • Real-time visibility and application security analytics includes SSL versions, ciphers, real-time DDoS attack data, and system health scores
  • Granular app security insights on traffic flows and rule matches help inform precise policies
  • One-click customization of rules and exceptions significantly reduces the problem of false-positives
Screenshot of real-time app security insights.

Protecting Applications
with VMware NSX Advanced Load Balancer

Learn how NSX Advanced Load Balancer provides comprehensive context-aware security through web and API application protection in this whitepaper.

Protecting Applications

Centralized Application Security Management

  • OWASP Top 10 threats including Input protection (SQL injection, cross-site scripting (XSS), local/remote file inclusion, remote code execution, PHP code injection, path traversal, session fixation)
  • HTTP validation (limit HTTP allow method, encoding bypass detection, HTTP response splitting, HTTP parameter pollution)
  • Malicious bot protection
  • Data leakage protection (error message suppression, leakage of personally identifiable information such as credit card or SSN numbers)
  • Network attack protection (SYN Flood, Network DDoS)

Centralized Application Security Management Diagram

Context-Aware Application and API Protection Made Simple

  • A comprehensive application security stack includes WAF, application rate limiting, DDoS protection, SSL/TLS encryption, bot mitigation, access control list (ACL), authentication and authorization, and L3-L7 security rules.
  • Support for application and microservices environments
  • Per-app deployments and elastic auto scaling across data centers and multi-cloud environments
  • GDPR, HIPAA, and PCI compliance with a scalable and distributed application security platform
  • A distributed web app security fabric uses built-in analytics to make intelligent decisions

Image depicting WAF with a screenshot of application showing multi-cloud security fabric with simplicity

Ready to See NSX ALB’s Intelligent Web Application
Firewall in Action?

Schedule a Demo View Interactive Demo
[id=case] { padding: 0 0 55px; } .quote-text { font-size: 36px; font-weight: 600; line-height: 1.2 !important; } body, .section--bg-lgray { background-color: #fbfbfb; } /*========================== * Hero Sizing Adjustments ============================*/ .hero-v2__title { font-size: 3.25rem; line-height: 1.25; } .hero-v2__subtitle { font-size: 1.75rem; } .hero-v2--with-subnav .hero-v2__title, .hero-v2__title { padding-bottom: 2rem; } /*========================== * Section Spacing Adjustments ============================*/ .section { padding-top: 6rem; padding-bottom: 6rem; } .section--bg-none + .section--bg-none { padding-top: 0; } .section--quote + .section--collapse { padding-top: 0; margin-top: -2rem; } .section--collapse { padding-top: 0; } .basic-content--leadin.section { padding-bottom: 2rem; } .basic-content img:not(:last-child) { margin-top: 3rem; margin-bottom: 3rem; } .basic-content__title, .section__title { margin-bottom: 3rem; } /*========================== * Body Copy Resizing ============================*/ .basic-content--leadin p:first-of-type { font-size: 1.5rem; line-height: 1.75; font-weight: 400; } .main-content p, .main-content li { font-size: 1.125rem; line-height: 1.75; font-weight: 100; } .main-content p a, .main-content li a { font-weight: 400; text-decoration: underline; } .basic-content--leadin p a { font-weight: 600; } .main-content a.button { text-decoration: none; font-weight: 600; } .main-content ul li::before { content: ''; background-color: #FF4B00; font-size: inherit; padding-right: 0.25em; position: absolute; top: 17px; left: -1px; display: inline-block; height: 7px; width: 7px; border-radius: 100%; } .main-content ul li { padding-left: 1.25rem; } .quote { line-height: 1.75; } .quote__body::before { content: '“'; font-family: arial, sans-serif; top: -0.4em; left: -0.6em; font-size: 72px; font-weight: 600; } /*========================== * Tab Styles * 1) '.xan' is specific identifier for a new module type. ============================*/ .xan .tab-group { background-color: #fff; border: 30px solid #cfe8ee; display: flex; max-width: 980px; margin: 0 auto; padding: 2rem 3rem; } .xan .tab-group__tabs { border: 0; border-right: 1px solid #f6f6f6; width: 30%; max-width: 30%; } .xan .tab-group__tab { border-bottom: 0px; border-radius: 40px 0 0 40px; } .xan .js-tab-x { background: #ffffff; border-right: 10px solid #fff; color: #333333; font-size: 18px; font-weight: 100; text-transform: none; width: 100%; text-align: left; box-shadow: none; filter: none; padding: 10px 18px 10px 40px; margin: 6px 0; transition: all 300ms ease-out; font-family: 'Open Sans', 'Brandon Grotesque' ,sans-serif; } .xan .tab-group__tabs .js-tab-x:hover { font-weight: 600; transition: all 0.5s ease-out; } .xan .tab-group__tabs .js-tab-x h3 { border: none !important; box-shadow: none; } .xan .tab-group__tab--is-active { border: 0; border-right: 10px solid #FF4B00; background-color: #f7f7f7; border-radius: 40px 0 0 40px ; color: #FF4B00; font-weight: 600; transition: all 300ms ease-out; } .xan .tab-group__tab:focus { outline: none; transition: all 300ms ease-out; } .xan .tab-group__tabs .js-tab-x::before, .xan .tab-group__tabs .js-tab-x::after { content: ""; display: none; } .xan .tab-group__panel { width: 70%; position: relative; height: auto; font-size: 1.125rem; font-weight: 100; transition: all 300ms ease-out; } .xan .tab-group__panel ul li { padding-left: 18px !important; } /* ===================== * END OF TABS ========================*/ /* ===================== * Offer Section ========================*/ .section.offer-bar { background: #fff; color: #233448; clear: both; } .offer-bar__grid { align-items: center; } .section.offer-bar h2 .offer-bar__extended-title { font-size: 30px; color: #233448; } .section.offer-bar h2 { font-size: 40px; font-weight: 100; } .section.offer-bar p { font-weight: 100; font-size: 18px; } .offer-bar__title { margin-top: 0; } .offer-bar__cover { padding-top: 0; } .offer-bar__footer a.secondary-button--white { color: #233448; font-size: 20px; } .offer-bar__footer a.secondary-button--white:hover { color: #ff4b00; letter-spacing: 3px; } .cta-bar-v2 .section__title { margin-bottom: 2rem; } .cta-bar-v2__title + .cta-bar-v2__title--sub { font-weight: 100 !important; } .cta-bar-v2 { display: block; text-align: center; position: relative; padding-top: 6rem; padding-bottom: 6rem; } .cta-bar-v2--blue { background-color: #8bc7d5 !important; } .section--bg-hex { background-color: #8bc7d5; } /*=================== Multi-Card Group Cards =========================*/ .card-group { flex-wrap: wrap; } .card { border-radius: 16px; box-shadow: 0 5px 12px rgba(0, 0, 0, 0.16); } .card.card-group__card { margin: 0 0.5rem; margin-top: 50px; position: relative; flex: 1 0 calc(33% - 1rem); } .card__hex { position: absolute; top: -29px; width: 55px; transform: translateX(-50%); left: 50%; } .card .card__icon { width: 86px; height: auto; padding: 16px 20px 21px 20px; position: relative; margin-top: -63px; background: url('/wp-content/uploads/2019/02/avi-hex-gray-outline@3x.png') center center no-repeat; background-size: 86px ; } .card__title { display: block; color: #333; text-align: center; padding-top: 0px; margin-top: 0px; margin-bottom: 12px; font-weight: 600; } .card__title--big { font-size: 1.25rem; font-weight: 600; } .card__desc h3 { text-align: center; font-size: 14px; font-weight: 100; color: #F04E23; text-transform: uppercase; } .card__desc p { font-size: 1rem; line-height: 1.75; } .card__desc li{ font-size: 16px; line-height: 24px; margin-bottom: 1rem; padding-left: 20px; } .card ul li::before { top: 13px; } @media only screen and (max-width: 768px) { /*========================== * Section Spacing Adjustments ============================*/ .section { padding-top: 3rem; padding-bottom: 3rem; } .section--bg-none + .section--bg-none { padding-top: 0; } .basic-content--leadin.section { padding-bottom: 1rem; } .basic-content img:not(:last-child) { margin-top: 1rem; margin-bottom: 1rem; } .basic-content__title, .section__title { margin-bottom: 1.5rem; } /*========================== * Body Copy Resizing ============================*/ .basic-content--leadin p:first-of-type { font-size: 1.125rem; } .main-content p, .main-content li { font-size: 1rem; line-height: 1.75; } .hero-v2 { height: 320px; } .hero-v2__title { font-size: 1.75rem; padding-top: 0; } .hero-v2__subtitle { font-size: 1.125rem; } .section--tabs { display: block; height: auto; } .xan .tab-group { margin: 0 auto; display: block; border-left: none; border-right: none; padding: 10px 5px; flex-direction: column; background-color: #fff; } .xan .tab-group__tabs { width: 100%; max-width: 100%; border: 0; border-bottom: 1px solid #f6f6f6; } .xan .js-tab-x { border: 0; border-bottom: 10px solid #fff; border-radius: 0; padding: 10px; text-align: center; } .xan .tab-group__tabs .js-tab { background: #ffffff; color: #333333; font-size: 18px; font-weight: 100; text-transform: none; width: 100%; text-align: left; box-shadow: none; filter: none; padding: 10px 18px 10px 40px; margin: 6px 0; border-bottom: none; display: block; } .xan .tab-group__tabs .js-tab button { border: none !important; box-shadow: none; display: block; } .xan .tab-group__tab--is-active { border: 0; color: #FF4B00; font-weight: 600; border-bottom: 10px solid #FF4B00; border-radius: 0px; } .xan .tab-group__tab:focus { outline: none; display: block; } .xan .tab-group__tabs .js-tab::before, .xan .tab-group__tabs .js-tab::after { content: ""; display: none; } .xan .tab-group__panel { padding: 0; margin: 0; width: 100%; height: auto; font-size: 16px; font-weight: 100; } .xan .tab-group__panel ul li::before { font-size: 1.7em; top: 16px; } .xan .tab-group__panel ul li { padding-left: 18px !important; } .xan .tab-group__panel--is-active { display: block; } .section--tabs { border-bottom: none; } .section.offer-bar { width: 100%; } .offer-bar__image { padding-top: 60px; } .offer-bar .two-col { -webkit-column-count: 1; column-count: 1; } } /*================ Mobile Hide/Show ==================*/ .show-desktop, .show-tablet { display: none !important; } @media (min-width: 550px) { .show-tablet { display: block !important; } .show-mobile { display: none !important; } } @media (min-width: 768px) { .hide-desktop.hide-desktop { display: none; } } @media (min-width: 800px) { .show-tablet { display: none !important; } .show-desktop { display: block !important; } } @media (max-width: 768px) { .hide-mobile.hide-mobile { display: none; } } /* img popover */ .popover-container img { cursor: pointer; } ////////////////////////////////////////////////////////////////////////////// // // Magnific Popup // ////////////////////////////////////////////////////////////////////////////// (function ($) { $('.popover-container').magnificPopup({ delegate: 'img', // child items selector, by clicking on it popup will open type: 'image' // other options }); })(jQuery); ////////////////////////////////////////////////////////////////////////////// // // Tabs // ////////////////////////////////////////////////////////////////////////////// (function ($) { // Create tabs from panels $('.js-tab-panel-x').each(function () { var $this = $(this); var title = $this.attr('data-title'); var bg = $this.attr('data-bg'); var sectionTitle = $this.attr('data-section-title'); var target = $this.attr('id'); var tabGroup = $this.parent().find('.js-tab-group-x'); var tabButton = '

' + title + '

'; tabGroup.append(tabButton); }); // Click handler $('.js-tab-x').on('click', function () { var $this = $(this); var tabGroup = $this.parent(); var target = $this.attr('data-target'); var bg = $this.attr('data-bg'); var sectionTitle = $this.attr('data-section-title'); var tabActiveClass = 'tab-group__tab--is-active'; var panelActiveClass = 'tab-group__panel--is-active'; // Apply background image and Update the title tabGroup .parent() .parent() .css({ 'background-image': 'url(' + bg + ')' }) .find('.js-tab-section-title') .html(sectionTitle); // Deactivate all sibling tabs tabGroup.find('.js-tab-x').removeClass(tabActiveClass); // Reactivate this tab $this.addClass(tabActiveClass); // Deactivate all sibling panels tabGroup.siblings('.js-tab-panel-x').removeClass(panelActiveClass); // Reactivate this panel $('#' + target).addClass(panelActiveClass); }); $('.tab-group .js-tab-x:first-child').trigger('click'); })(jQuery);;