Airlock WAF (Core)Airlock WAF

The Airlock Web Application Firewall offers a unique combination of protective mechanisms for web applications. Whether your objective is PCI DSS compliance, security for online banking or protection for eCommerce: Airlock WAF will upgrade security for your internet applications — a permanent solution with a host of well thought-out functionalities.

The Airlock WAF core is the corner stone of the Airlock Suite. It provides all functionality you would expect from a solid WAF solution. However, this is just the beginning. Turn it into a Web access management solution with central upstream authentication by using the Airlock Login. Add further the Application Portal Module and it becomes the center piece for integrating all your web applications. Add the SSL VPN Service Module, the Kerberos Client and the Secure Session Transfer Module to build a separate remote access Intranet portal for your employees. Build a secure partner portal in order to enable remote access to selected applications to your business partners.

Use the SOAP/XML Validator Module separately in order to integrate external SOA web services in a secure way. Increase your security further by storing your key material in a HSM module. Plug in external security software for additional security checks, e.g. virus check for data transfers. Session recording and integration with Splunk services is also supported.

Do you need a simple failover setup or a farm based high availability setup? Do you need to support BCP and testing environments? Have a look at the reduced license pricing model with makes it all affordable.

Do you offer cloud based solutions? Then it is ideal for enhancing the security of your cloud services – or it can be offered independently as external cloud based security service.

The Airlock WAF core is the ideal base for building security gateways for your perimeter boundary – on premise or as cloud service.


Thanks to Airlock WAF, businesses can exploit the potential of the internet without jeopardizing the security and availability of their web applications and services. Each access is systematically monitored and filtered at every level. Used in conjunction with an authentication solution such as Airlock Login or IAM, Airlock WAF can force upstream user authentication and authorization. This allows a uniform, central single sign-on infrastructure. All important information is also made available via monitoring and reporting functions. Airlock WAF is the only web application security solution on the market that provides superlative end-to-end protection for complex web environments.

Reverse Proxy and Web Application Firewall

Airlock WAF offers a unique protection mechanism by operating as a combined secure reverse proxy server and web application firewall. All access attempts are systematically controlled and filtered.

Improved availability and performance

Web applications and web services deal only with authorised users and valid data traffic. High availability is guaranteed through load balancing and failover functions.

Control via a central access point

Airlock WAF is a central point of control for web access, avoiding anonymous interactions with applications that have user authentication. Airlock covers every layer reducing costs and dependencies.

SIEM integration

The Airlock Operations app for Splunk® Enterprise makes aggregated management reports available on security issues and application usage. Network administrators can use various dashboards to investigate security-critical events so application and performance problems are rapidly resolved.

Shorter time to market thanks to virtual patching

Secure now, fix later – that’s virtual patching in a nutshell. Airlock WAF’s reverse proxy approach makes it very easy to virtualize servers and services. Virtual import of patches is also possible. The benefit: security-relevant weaknesses are quickly remedied.

Simple operating

Airlock is a linux-based software appliance with a hardened operating system. It runs on the common hardware platforms, in virtual machines and in the cloud.

Details Airlock WAF

Main Features:

  • Secure reverse proxy
  • Central checkpoint
  • Filtering
  • Dynamic whitelisting
  • Central security hub
  • High availability and performance
  • Modern Web interface
  • Graphical mappings
  • Role-based administration
  • Versioning and rollback
  • Real-time regex tester
  • Central certificate management
  • Zero downtime updates
Effective against most common types of attack

  • Injections
  • Cross-site Scripting (XSS)
  • Session takeover
  • Cross-site request forgery
  • Forceful browsing
  • Cookie tampering
  • Path traversal
  • Airlock WAF is a software appliance – performance and capacity is adjusted by installing it on appropriately powerful hardware
  • Supported CPU: x86 or related virtual machines (VMWare is officially supported)
  • WAF Core software requirements: None – however, it should be operated in an appropriate environment
  • Modular approach: Add security functionality with extension modules
  • Flexible licensing model

License Details Airlock WAF

Airlock_logolet

License Part 1 (WAF Core)

WAF core part of the license: The max. number of backend applications which are to be protected. The license can be upgraded easily without changing the installation base.

Airlock_logolet

License Part 2 (Authentication Enforcement Module)

Second part of the WAF license: Capacity based license tied to the number of concurrent sessions which are authenticated. This license is required if authenticated sessions are managed on the Airlock WAF, i.e. if the AE Module (Authentication Enforcement) is activated.

The AE module supports various backend directories like LDAP, Radius, Active Directory, ACE-SecurID, JDBC-DBs, File-DB and is flexible through additional plugins. The AE Module can be used with existing login services (from third parties) or with the standard Airlock Login component.

The AE license is not required in case of public applications (as there are no authenticated users) or if the application is managing authentication and access control on its own without using this Airlock functionality.


Please use below contact form for any questions, comments or product inquiries.

 

This page contains copyright material from ©Ergon Informatik AG. Other products or trademarks mentioned are the property of their respective owners.