This Web Application Firewall Solution is presently being provided at NDCSP and Hyderabad National Data Centres of NIC. The Web Application Firewall is of prime requirement in NIC for effective protection mechanism against web application attacks. In the course of a web application threat eventuality, a dedicated solution like Web Application Firewall (WAF) is desired to be positioned for strengthening the perimeter level security of NIC.
The Web Application Firewall intended to be placed in NIC would block an ever-expanding list of sophisticated web-based intrusions and attacks that target applications hosted on web servers and in the cloud. It would also help in tracking emerging attack vectors at application level and would help in taking safeguarding approach for restricting the same.
Key features of security provided by WAF placed in NIC are as followed:
Web Application Firewall scans all inbound web traffic to block attacks, and inspects the HTTP responses from the configured back-end servers for Data Loss Prevention (DLP).
The integrated access control engine enables administrators to create granular access control policies for Authentication, Authorization & Accounting (AAA) without having to change the application.
Its application acceleration delivery capabilities like SSL Offloading, Load balancing, caching, compression, and connection pooling ensures faster application delivery of the web application content.
Protection against common, high-visibility attacks – SQL injection, Cross Site Scripting, Command injection, CSRF, XML attacks, Malicious File Execution.
Protection against attacks based on session state – Session Hijacking, Cookie tampering, Click jacking
Brute Force Attack Prevention
Application Denial of service (DoS) protection – Slow Client Attack, DDoS Prevention using CAPTCHA, IP Reputation Filter
Data Theft Protection – Deep inspects all server responses to prevent leakage of sensitive information using provided default patterns (credit card data, social security numbers, etc.) or User Defined Patterns (Custom Patterns).
Website Cloaking – Strips identifying banners of web server software and version numbers and provides customizable HTTP error handling to defeat server fingerprinting attacks (Suppressing error codes and filtering headers).
Logging, Reporting and Monitoring – Inbuilt reporting module, Web Firewall Logs, Access Logs, Audit Logs, Configuring Syslog.
Restrict the access of critical part of application like CMS for defined Trusted IP(s)
The WAF is placed in High Availability Mode.
Registered Cloud users may Click here and submit their Service Request (SR) to avail the above service, whereas new users ( i.e. users not yet registered for cloud ) are requested to first apply for the Cloud Registration with refering the On-boarding procedure.