Progress Kemp’s integrated L7 WAF platform is based on an industry-leading rules engine that provides real-time coverage for all published application threats, including the Open Web Application Security Project (OWASP) Top Ten, as well as critical baseline protections. It also allows you to use your existing rules in a centralized Progress Kemp Application Delivery Controller (ADC) appliance.

With the WAF-ADC integration, Progress Kemp enhances the existing security features available on LoadMaster platforms, which currently provide edge security gateway functionality to protect published workloads, including reverse proxy, Single Sign On (SSO), pre-authentication and SMTP domain filtering, dual-factor authentication, Intrusion Prevention System (IPS) and SSL bridging for secured traffic flows. Progress Kemp’s commercial rules also include attack categories such as IP reputation, botnet attack detection, web-based malware detection, webshell/backdoor detection, and HTTP Denial of Service (DoS) attack detection.

The LoadMaster includes WAF features and security services. This gives network administrators the ability to:

  • Secure applications with minimum network impact and maximum protection
  • Simplify infrastructure with this integrated solution
  • Centralize required Application Delivery Controller (ADC) and WAF SSL overlay services into one product

As depicted in the diagram above, WAF provides a number of useful features such as:

  • Fully-featured load balancing and content switching
  • Intrusion Prevention System (IPS) and content filtering
  • Protection against the Open Web Application Security Project’s (OWASP) Top Ten vulnerabilities
  • Support for standard and custom applications
  • Active (block and log) mode operation support
  • Passive (log only) mode operation support
  • SQL injection protection
  • Cross-site scripting mitigation
  • Cross-Site Request Forgery (CSRF) prevention
  • Cookie or form tampering prevention
  • Distributed Denial of Service (DDoS) mitigation
  • Trojan protection
  • IP reputation checking
  • Data leakage protection
  • Built-in reporting
  • Built-in logging, including log field masking (that is, credit card numbers)

For further information, including steps on how to configure WAF, refer to the Web Application Firewall (WAF), Feature Description.