Home / Symantec / Introduction to Symantec Web Application Firewalls

Introduction to Symantec Web Application Firewalls

Before we are starting with the Symantec Web Application Firewalls, first we need to understand

What and why we need WAF or so called Web Application Firewalls ?
If you are talking about the Web servers, they are often targeted by attackers to help them host and deliver malware. In the Verizon’s 2015 Data Breach Investigation Report it was found that the attacks on web applications were one of the most common threats enterprises faced. 

How to mitigate these kinds of risks ?
To mitigate the risks a compromise poses to their reputation and ongoing operations, enterprises are implementing Web Application Firewalls (WAF) to protect their web properties and enforce the security and privacy of their web applications. To ensure the security they implement does not adversely affect the performance of the web. So for avoiding the various attacks from the outside world enterprises need WAF kind of services and there are lot of providers in the WAF.

Now in this case we required WAF or so called Web Application Firewalls, Now let's talk about the Symantec Web Security Application Firewalls in details with features and the purpose. I will try to put another article on Cisco WAF as well as they are also capturing the market now a days.


Symantec Web Application Firewall
So i hope you guys got the basic concept of WAF and now you know why we required WAF in our networks. In this article I am going to talk about the Symantec Web Application Firewall. With the help of Symantec WAF which is capable of both securing and accelerating web applications for optimal productivity. The Symantec WAF is a component of Symantec’s Web Application Security solution, making it easier and more efficient to leverage and secure web-based applications to support your business requirements. 

Fig 1.1- WAF( Web Application Firewalls)

With the Symantec WAF, you can safely set policies and protections around your applications to enable your employees, vendors and customers to get work done. Built on the industry-leading ProxySG, the Symantec WAF addresses today’s security concerns including the Top Ten risks identified by the Open Web Application Security Project (OWASP), providing the most advanced policy, control, accountability and performance features available in a WAF solution. 

Why Symantec WAF is so special ?
Well as in the market there are lot of WAF providers and I am not saying that Symantec is best of all but yes Symantec capture huge market in this segment and with the help of Symantec WAF you can delivers advanced, next-generation protection that addresses today’s critical security concerns including the OWASP Top 10 vulnerability concerns for web applications. The WAF conducts advanced threat analysis on both inbound and outbound content to detect and protect your infrastructure from attacks. 

Protection is provided through both signature-based engines capable of blocking known attack patterns and advanced signature- less engines designed to uncover unknown and zero-day attacks in the web traffic. 

What other features are there in the WAF ?
With the help of WAF you can also protects the web infrastructure by isolating origin servers from direct Internet access. In addition, the WAF monitors your web servers and other proxy-related devices, conducting strict HTTP/HTML protocol validations from the server and client to ensure activity is legitimate. You can also secure user access to web applications by using the WAF as a SSL/TLS termination point. 

The WAF provides both server and client-side certificate support, with web services encryption/decryption and digital signature verification to ensure the integrity of the communications. As a SSL/TLS termination point, the WAF offloads the decryption/ encryption of SSL from the web servers to improve overall performance and mitigate the risks of man-in-the-middle (MITM) attacks. 

URL and Proxy Policies 
The Web Application Firewall enables administrators to create policies as needed for compliance, regulatory, and security needs. The powerful policy engine in the ProxySG allows administrators to create extensive and flexible policies as needed including URL rewriting, SSL/TLS validation and enforcement. You can set policies based on the geographic location of the end-user accessing the enterprise’s website to help mitigate risks and support your regulatory, corporate and compliance requirements. 

Other Policy Controls

Well with the Use of Geo-IP enables you to identify the country location of a specific client’s IP address to understand where they are coming from, so you can make appropriate decisions around their access. 

The Geo-IP database is automatically updated through the Symantec Global Intelligence Network, so any changes will be immediately reflected in the IP address. A real IP address of the client is required, which can be attained from a source IP address or a HTTP request header.