Member Article

Avi Networks Unveils Intelligent Web Application Firewall

Load balancing and application services company Avi Networks is set to release its Intelligent Web Application Firewall (iWAF), a software-only solution that operates as a centrally managed fabric across datacentres, private clouds, and public clouds.

Avi Networks claims that with iWAF’s scale-out architecture, enterprises are no longer constrained by the operational and performance limitations of traditional appliance-based web application firewalls. Additionally, iWAF’s integrated analytics engine provides IT organisations real-time security and operational intelligence through machine learning.

Attracting early praise from Swisslos, Joris Vuffray, Head of Network and System Management at Swisslos, a Swiss lottery based in Basel said: “Appliance-based products weren’t meeting our needs, and as we evaluated alternatives, web application firewalling was our number-one consideration. We were pleasantly surprised by the Avi iWAF’s simple deployment, impressive ease-of-use, and intelligent security analytics, as well as the responsiveness of the Avi team.”

Traditional web application firewalls suffer from poor performance and “wall-of-knobs” complexity, operating as black boxes that provide little to no intelligence. Avi’s elastic scale-out platform enables iWAF to perform 50X faster than legacy appliances, processing hundreds of Gbps of throughput and over a million transactions per second. Beyond improved performance, Avi iWAF is now an important source of security enforcement and intelligence for applications. iWAF protects web applications from common vulnerabilities identified by Open Web Application Security Project (OWASP), such as SQL Injection and Cross-site Scripting, while providing the ability to customise the rule set for each application. iWAF analyses the security rules that match a particular transaction, providing this insight in real-time as applications and attack patterns evolve. With the Avi Networks iWAF, IT teams no longer need to fly blind when writing and enforcing security policies. Based on this intelligence, one-click customisation of rules and exceptions helps sharply reduce the problem of false-positive fatigue.

The unique capabilities of Avi Networks’ iWAF include:

Central, simplified policy management

• Central management and automation of all distributed iWAF instances
• Point-and-click policy configurations, with pre-defined templates for OWASP Core Rule Set, customisable for each application

Analytics-driven, accurate security policies

• Real-time security insights eliminate false positives
• Visual policy checks to enforcement

Highest-performance web application security

• Elastic, automatic scale-out across datacentres and clouds
• Scalable per-application deployments allow each mission-critical app to get its own WAF

“In the face of ever-increasing cyber threats, enterprises need to protect their most important revenue-generating assets: their web applications. We designed iWAF to be robust and secure for any application, traditional or cloud-native, under any amount of traffic,” said Guru Chahal, Vice President of Product at Avi Networks. “By reimagining what a WAF could be for modern applications and hybrid environments, we were able to deliver better performance, intelligence, and price, all with the ease-of-use our customers have come to expect.”

“Security and operations personnel need intuitive and scalable WAF solutions to effectively address their requirements in modern datacentre or cloud environments,” said Jim Duffy, Senior Analyst, Networking, at 451 Research. “With centralised management, elastic scale, and closed-loop security analytics, the Avi iWAF delivers a compelling model to secure web applications.”

Avi is taking orders for iWAF, and the solution will be generally available by October 31, 2017.

This was posted in Bdaily's Members' News section by Pete Jackson .