The Airlock Web Application Firewall offers a unique combination of protective mechanisms for web applications. Whether your objective is PCI DSS compliance, security for online banking or protection for eCommerce: Airlock WAF will upgrade security for your Internet applications — a permanent solution with a host of well thought-out functionalities.
The Airlock WAF core is the corner stone of the Airlock Suite. It provides all functionality you would expect from a solid WAF solution. However, this is just the beginning. Turn it into a Web access management solution with central upstream authentication by using the Airlock Login or Airlock IAM. Add further the Application Portal Module and it becomes the center piece for integrating all your internal web applications. Add the SSL VPN Service Module, the Kerberos Client and the Secure Session Transfer Module to build a separate remote access Intranet portal for your employees. Build a secure partner portal in order to enable remote access to selected applications to your business partners.
Use the SOAP/XML Validator Module separately in order to integrate external SOA web services in a secure way. Increase your security further by storing your key material in a HSM module. Plug in external security software for additional security checks, e.g. virus check for data transfers. Session recording and integration with Splunk services is also supported.
Do you need a simple failover setup or a farm based high availability setup? Do you need to support BCP and testing environments? Have a look at the reduced license pricing model with makes it interesting also for many more use cases and environments.
Do you offer cloud based solutions? Then it is ideal for enhancing the security of your cloud services – or it can be offered independently as external cloud based security service.
The Airlock WAF core is the ideal base for building security gateways for your perimeter boundary – on premise or as cloud service.
|Thanks to Airlock WAF, businesses can exploit the potential of the Internet without jeopardizing the security and availability of their web applications and services. Each access is systematically monitored and filtered at every level. Used in conjunction with an authentication solution such as Airlock Login or IAM, Airlock WAF can force||upstream user authentication and authorization. This allows a uniform, central single sign-on infrastructure. All important information is also made available via monitoring and reporting functions. Airlock WAF is the only web application security solution on the market that provides superlative end-to-end protection for complex web environments.|
Reverse Proxy and Web Application Firewall
Airlock WAF offers a unique protection mechanism by operating as a combined secure reverse proxy server and web application firewall. All access attempts are systematically controlled and filtered.
Improved availability and performance
Web applications and web services deal only with authorized users and valid data traffic. High availability is guaranteed through load balancing and failover functions.
Control via a central access point
Airlock WAF is a central point of control for web access, avoiding anonymous interactions with applications that have user authentication. Airlock covers every layer reducing costs and dependencies.
The Airlock Operations app for Splunk® Enterprise makes aggregated management reports available on security issues and application usage. Network administrators can use various dashboards to investigate security-critical events so application and performance problems are rapidly resolved.
Shorter time to market thanks to virtual patching
Secure now, fix later – that’s virtual patching in a nutshell. Airlock WAF’s reverse proxy approach makes it very easy to virtualize servers and services. Virtual import of patches is also possible. The benefit: security-relevant weaknesses are quickly remedied.
Airlock is a linux-based software appliance with a hardened operating system. It runs on the common hardware platforms, in virtual machines and in the cloud.
Details Airlock WAF
||Effective against most common types of attack
- Airlock WAF is a software appliance – performance and capacity is adjusted by installing it on appropriately powerful hardware
- Supported CPU: x86 bare metal – or related virtual machines (VMWare is officially supported).
- Airlock WAF as Docker host: If you want to use Airlock WAF as Docker host in e.g. a dev/test environment or Dev/Ops pipeline, then you need support for nested virtualization (VT-X and AMD-V on bare metal, and a virtual machine capable to support nested virtualization).
- WAF Core software requirements: None, it comes with its own OS. However, it should be operated in an appropriate environment
- Modular approach: Add security functionality with extension modules
- Flexible licensing model
License Details Airlock WAF
License Part 1 (WAF Core)
WAF core part of the license: Bound to the max. number of backend applications which are to be protected. The license can be upgraded easily without changing the installation base.
A standalone installation without further modules or plugins will base on this license.
License Part 2 (Authentication Enforcement Module)
Second part of the WAF license in case of authentication enforcement is used with the Airlock Login: Additional license fee tied to the number of concurrent sessions. This license is only required if authenticated sessions are managed on the Airlock WAF, i.e. if the AE Module (Authentication Enforcement) is activated when the Login module is used.
The AE module supports various backend directories like LDAP, Radius, Active Directory, ACE-SecurID, JDBC-DBs, File-DB and is flexible through additional plugins. The AE Module can be used with existing login services (from third parties) or with the standard Airlock Login component.
This Authentication Enforcement license is not required in case of public applications (because there are no authenticated users) or if the application is managing authentication and access control on its own without using this Airlock functionality.
Please use below contact form for any questions, comments or product inquiries.
This page contains copyright material from ©Ergon Informatik AG. Other products or trademarks mentioned are the property of their respective owners.