Web Application Firewalls

Fix Critical Application Vulnerabilities

Whether your organisation is a one-person start-up, a global enterprise, or anything in between, you depend on applications and websites to operate effectively. Unfortunately, those applications can also act as a significant vector for today’s advanced threats. A single unpatched vulnerability can let an attacker penetrate your entire network (exactly what happened in the Equifax Scandal), compromising both your data, and the data of your customers, leading to a huge impact on your organisation and its operations.

Did You Know?

67% of cyber attacks happen at the application layer. And 76% of websites have at least one critical vulnerability. – Forrester Research.

WAF Deployment Options

As an independent IT provider, we strive to offer our customers as much choice and flexibility as possible, working with a range of vendor partners, associates, and solutions that we’ve carefully selected over the past 12 years. Although we offer a range of solutions in most other IT solution areas, Barracuda is quite simply the best Web Application Firewall we’ve found and is therefore the WAF that we recommend above all others at present.

APPLIANCE

A physical appliance that secures your apps, defends against bots and DDoS attacks, and accelerates application delivery.

VIRTUAL

A virtual appliance that secures your apps, defends against bots and DDoS attacks, and accelerates application delivery.

AWS/AZURE

Hosted in the cloud to help you avoid the management overheads which come with on-premise equipment.

 DiagnoseIT

Whether you need some advice on a niggling web application issue, or you’re looking into a WAF for the first time, our free DiagnoseIT service can help.

Follow the steps below and one of our WAF TechGurus will call you at a time that suits.
Independent guidance, recommendation, and consultation based on your WAF needs.
There are absolutely no obligations, and no sales people on the call.

Key Features & Benefits

 APPLICATION PROTECTION

Robust security against targeted and automated attacks. Administrators have the ability to set granular controls on response, allowing them to block, throttle, redirect, or perform a number of other actions.

OWASP TOP 10 PROTECTION

OWASP (Open Web Application Security Project) list the Top 10 critical attacks like SQL Injections and Cross-Site Scripting (XSS). These vulnerabilities are automatically identified, logged, and protected against.

FIX THREATS AUTOMATICALLY

Utilises popular application scanners like IBM AppScan and Cenzic Hailstorm and then automatically configures your security template to protect against the identified issues without administrator intervention. Ensures you remain protected at all time during development work, or the implementation of new applications. 

ADVANCED DDoS MITIGATION

Advanced DDoS protection capabilities allow administrators to distinguish real users from botnets through the use of advanced risk assessment techniques, heuristic fingerprinting and IP reputation, thereby allowing them to block, throttle, or challenge suspicious traffic. 

MOBILE APP PROTECTION

Secures the entire attack surface of mobile applications and REST APIs, filters malicious inputs in requests with JSON payloads, helps ensure API SLAs to partners, and provides anti-pharming protection from rogue consumers. Interactive web applications using JSON with AJAX are similarly protected.

DATA LOSS PREVENTION

Inspects all inbound traffic for attacks, and outbound traffic for sensitive data. Sensitive information such as credit card numbers, or any other custom patterns can be identified and either blocked or masked without administrator intervention. Information is logged and can be used by administrators to find potential leaks.

COMPLIANCE

Comply with major application-specific requirements like PCI-DSS, HIPAA, FISMA, and SOX. Directly satisfy section 6.6 of PCI-DSS and assists compliance with built-in PCI compliance reports. A FIPS 140-2 HSM model ensures that applications it protects meet the highest cryptographic standards.

ADVANCED THREAT PROTECTION

Comprehensive security against advanced zero-hour threats. By analysing files in a CPU-emulation based sandbox, detect and block malware embedded deep inside files uploaded to your web site or web application.

APPLICATION LOAD BALANCING

Load balancing of all types of applications included with the Web Application Firewall. Load balancing ensures that subsequent requests from the same IP address will be routed to the same back-end server as the initial request. This guarantee of persistence requires an awareness of server health so subsequent requests are not routed to a server which is no longer responding. Monitor server health by tracking server responses to actual requests and marking the server as out-of-service when errors exceed a user configured threshold.

COMPREHENSIVE REPORTING

Powerful graphical reporting provides immediate insight into compliance, threat activity, web traffic and regulatory compliance. All client requests, administrator modifications, and firewall actions are logged. This provides a comprehensive audit log for compliance and security policy tuning. Data from the logs are used to build graphical reports on attacks, web traffic, compliance or a number of other analytical reports. Logs can also be exported to 3rd party analytics suite via Syslog or FTP.

Like What You See?

If so, the best thing you can do next is get in touch! The steps below give us a clear path to help ensure you get all the information you need, but feel free to select whichever suits you the most…

STEP 1:

SCOPING CALL

GET STARTED

Book a Scoping Call with one of our TechGurus and it will give you the chance to find out more about some of the best options for your WAF needs. There’s no obligation to go any further and no sales people on the call, just a techie who will qualify your needs and provide relevant guidance, recommendation, and consultation.

STEP 2:

ONLINE DEMO

GET STARTED

If you’d like to see a more in-depth delve into Web Application Firewalls right from the off, why not book an online demonstration – all you need is an internet browser. A dedicated WAF engineer will walk you through the solution for a personalised tour of the relevant features and benefits. It lasts 30-45 minutes depending on how many questions you ask.

STEP 3:

EVALUATION

GET STARTED

We can provide a free 30 day no-obligation evaluation for many of our solutions. These can be software downloads or a trial unit we can ship to you. We always encourage fully testing any solution in your own environment and can provide free help throughout an evaluation with installation and configuration assistance.

 

YEARS IN BUSINESS

END USER CLIENTS

SATISFACTION RATING

Client Testimonials

Our clients can tell you more than we ever could. Here’s what a few them have to say about E-ZU…

South Wales Fire & Rescue

E-ZU has delivered by far the best Customer Support I have experienced to date. Communications were prompt and friendly. We were able to find a cost-effective solution quickly and at the right price bracket.

Please drop your details into the form below to receive this case study by email…

Marshall Amplification

E-ZU were helpful and informative at every level and were able to answer our queries promptly. They soon convinced us that the solution would do everything we needed it to – the 30 day trial offered also gave us peace of mind and confidence in the product.

Please drop your details into the form below to receive this case study by email…

The Entertainer

The knowledge of E-ZU’s staff smoothed the presales and setup processes, making them straightforward and professional. Their honest and forthright guidance on product options in the early stages was especially refreshing.

Please drop your details into the form below to receive this case study by email…