Web applications are today the main point of intrusion, there is no doubt that it is proven and accepted as true. Many are the ways and goals to which their security is breached.

Even by regulatory compliance requirements such as PCI DSS, is a protection system, as a network firewall, is now considered an essential security requirement.

There are many attacks that are subject to these web applications, we are aware of this since we have even discovered some of them:

• SQL Injection, Command –LDAP, MX, OS – injection, etc.
• Cross Site Scripting (XSS).
• Buffer overflows.
• Session manipulation.

An Application Firewall works at the HTTP protocol, ie not a simple search of patterns in a flow of information (such as a classic antivirus clerk). WIPS interprets HTTP traffic, breaks it down and analyze it piece by piece looking for patterns and behavior "illegal" or "legal" within the inbound and outbound traffic (requests and responses). Lets reject, accept and deflect requests based on the filtering rules in a personalized way.

It is a platform based on Open Source software which offers extra features developed and incorporated permanently by our R + D + i. Moreover, these are published in a manner that contributes to the projects that we get a benefit.

Its main features are these:

• Transparent: Adds protection without modifying application source code. No need to reprogram applications.
• Precise: It's a powerful protection against errors or holes through which no patch is available. Allows to protect our software vulnerabilities that have not discovered the development teams or audit of black or white box.
• Accurate: The level of decision allows granularity protection is so high that can be adjusted to any requirement of managing access to Web resources.
• Efficient: The performance optimization of the platform is that the impact is minimal response time from the point of view of the Ussuri. We add a layer of security without penalizing the speed of application usage.
• Configurable and Versatile: Being based on a powerful regular expression engine gives great flexibility and allows detailed control over all aspects of the HTTP protocol and all its methods, fields, etc.
• Effective: You can precisely define the security policy using few rules and thus to fine tune the behavior to our needs.

The WIPS platform capabilities and its main technical features are these:

• It operates as a transparent proxy for the user. This adds extra protection since oculata protected servers.
• Filtering requests (using regular expressions) at all levels: POST, GET, HTTP headers, Cookies, etc.
• Filtering answers as to avoid leakage of information on systems or business.
• Anti-Evasion Techniques (decode URL, form parameters, multiple bars (//), etc.).
• HTTP Compression (high granularity).
• Analysis of POST requests (POST Payload analysis). Not only protects the server from attacks, but also avoids leakage of information to the user.
• Detailed records, for later forensic analysis (source IP, destination IP, timestamp, data, http requests complete).
• HTTPS filtering (ability to close the SSL tunnel between client / server).
• Detection and blocking of shellcodes (byte range verification).
• Methods of protection based on strong cryptography to protect against attacks seeking resources, navigation and automatic random attacks on session management, modification of parameters and forms, etc..
• Very tuned configuration capability that allows web servers to protect full, virtual hosts, directories, or files an application accurately.
• Definition of rules that allow you to use regular expressions and combine with each other to increase the protection objective.
• Chance of external command execution and review controls for viral file (integration with antivirus).
• Monitoring SNMP platform, capable of integrating into a system like Nagios or similar.
• Ability to safely centralize logs (syslog-ng) in a central or tool repotorio SEIM.
• Ability desplagar the platform in High Availability (HA) active / passive.
• Hardware Enables scalability as protected servers grow.
• Preinstalled on a 1U server enrackable

WIPS is not simply a product is a solution offered by a managed security service.

Our team deploys, configures, monitors and adjusts the platform by downloading the client from the daily task of managing and leveraging our know-how in developing security (S-SDLC, Secure Software Development Life Cycle) and audit applications.

Customer's technical staff is way to know the platform. WIPS does not become a stranger to their computers safe systems, development and security. The more understanding there is on the platform, best results are achieved more effectively with and resolve incidents.

When attacks are detected on the platform notifies the client to take appropriate measures: it has passed into history to discover web attacks had once been effective and could be too late.

The customer has a web interface through which you can get real time statistics on the effectiveness of the platform.