In reverse mode (Reverse Proxy mode), CacheGuard Web Gateway appliance can examine Web requests destined to you Web applications and block malicious requests such as XSS, SQL injections. In this way it operates as a WAF (Web Application Firewall).
While traditional firewalls operate at the IP level and restrict connections based on IP protocols such as TCP/UDP and port numbers, CacheGuard WAF goes deeper by filtering the content of the Web traffic in order to block threats destined to HTTP/HTTPS applications.
Because cyber-attacks have become increasingly sophisticated, blocking threats at the IP level only is not sufficient to provide a high level of security for servers and Web applications. CacheGuard allows you to protect your Web applications not only at the IP level with an embedded traditional firewall but also at the HTTP/HTTPS level.
Malicious Web Requests
Because developers of Web applications are more concentrated on writing programs that meet functional needs rather than worrying about the security, they may by mistake or on inattention write vulnerable codes to content attacks. That’s why even if a Web application is written in respect of security rules, it’s highly recommended to filter Web requests destined to Web applications in order to block malicious requests. CacheGuard provides protection from a range of attacks against Web applications and allows to write your own WAF rules for your specific needs.
CacheGuard protects Web applications against: Protocol Violations, Protocol Anomalie, Bad Robots, Session fixation, Blind SQ injection, SQL injection, XSS (Cross Site Scripting), File injection, Command access, Command injection, Cold Fusion injection, LDAP injection, SSI injection, PHP injection, Trojans, Outbounds, Marketing
Virus Injection Protection
If users of your Web applications have the possibility to upload files to your Web servers, there is a risk that a malicious user or simply a user by mistake upload a virus infected file to your Web server. CacheGuard embeds an Antivirus that works in association with the WAF to instantly block any attempts to upload malware into your Web servers.
Powered by ModSecurity
CacheGuard WAF is based on Apache, ModSecurity and OWASP WAF rules. If you are familiar with Linux (or BSD), complex configuration files, all tools around Apache (like ModSecurity) and have the time and patience to configure all those tools to match your requirements in terms of capacity and performance, you can probably build your WAF. Otherwise you can use an Off-the-Shelf solution like CacheGuard and benefit from easy to manage appliance.
Learn more about the WAF in the User’s Guide.