The website uses cookies to deliver services in accordance with the Cookies Policy. You can define the conditions for storing or accessing the cookie mechanism in your browser.
Hillstone W-Series Web Application Firewall (WAF) provides comprehensive enterprise-class security for web servers, applications and APIs. It defends against both network and application layer attacks, providing protection against DDoS, OWASP Top 10 threats and bot attacks, to name a few examples. In addition, WAF validates APIs against the schema defined in OpenAPI and automatically generates security model policies to detect and defend against attacks and abuse.
SOLUTION OVERVIEW
Hillstone WAF combines traditional rule-based detection with innovative semantic analysis. This binary approach significantly improves accuracy while minimizing the number of "false positives" events. Hillstone WAF also uses machine learning technology to tune security policies and block unknown threats and attacks. In addition, logs can be automatically aggregated across multiple dimensions, allowing administrators to easily identify suspicious anomalies or locate false positives and then fine-tune policies as needed.
FEATURES
Comprehensive web application security
Hillstone Web Application Firewall (WAF) provides complete web application and API security for enterprises and other organizations. It detects and defends against both network layer attacks (such as DDoS attacks, flood attacks, scanning and spoof attacks, etc.) and application layer attacks (such as OWASP Top 10 threats, including injection attacks, cross site scripting (XSS) attacks, injection, etc.). Hillstone WAF automatically identifies web servers and associated assets and covers them with protection. As a result, Hillstone WAF covers the entire web environment with protection, even as it scales, allowing for greater operational efficiency and faster delivery of value.
Advanced API protection
With the rise of digital transformation, APIs are playing an increasingly important role in application development and integration. The popularity of APIs potentially exposes additional attack surfaces, such as data overexposure, lack of resources and speed limitation, injection and XSS attacks among API calls, etc. Based on the schema defined in OpenAPI files, Hillstone WAF helps validate and generate positive security model policies to detect these threats in APIs.
Improved detection accuracy and efficiency with two engines
Hillstone WAF integrates the industry's most innovative semantic analysis with traditional WAF detection engines. Combined with traditional rule-based detection, the semantic analysis engine helps further detect threats such as SQL injection and cross site scripting, and minimizes false alarms by creating context awareness. Hillstone WAF's recursive decoding feature also detects attacks that are obscured by multiple layers of encryption. This two-pronged approach significantly improves detection accuracy and performance.
Intelligent analysis and reporting through logs
Hillstone Web Application Firewall provides administrators and operators with high visibility and comprehensive reports with threat analysis, traffic analysis, attack distribution and threat control. The log aggregation feature collects logs from multiple tiers to help operators easily identify suspicious anomalies or find false results from logs, and then tune policies accordingly.
Machine learning-based security rule optimization and defense against unknown attacks
In addition to general rule-based and script-based protection for known attacks, Hillstone WAF has an automatic learning feature that helps mitigate unknown threats to protect specific applications from zero-day attacks. The ML-based model learns from data from normal traffic, such as parameter lengths, cookies, HTTP methods, etc., tunes itself based on test results as well as data from administrators, and continues to update learning models and optimize Web Application Firewall rules as applications evolve. It significantly reduces operational costs by eliminating troubleshooting false positives and manual rule tuning.
On local martkets Bakotech Group operates through a well-established partner network, including over 1,000 active dealers. Key IT-integrators and are involved in the realization of large-scale projects concerning implementing solutions for end-customers from various segments of business. Bakotech's business strategy is True Value Added Distribution or in other words - project oriented distribution.
We are providing our partners with a wide range of services such as PR, co-marketing activities, pre post-sales support, trainings for partners and end-customers, PoC, PoV, solution consulting, implementation support and technical support.
VAT ID 6762466740
REGON 122894922
KRS 0000467615
ph. +48 12 340 90 30