Managed Web Application Firewall
Challenge
Extending an enterprise to suppliers, partners and customers through web applications offers numerous benefits including brand enhancement, access to real-time information, and quick online transactions, all while reducing cost and increasing revenue. However, extending the business to the web comes with significant risk to applications, databases and critical data that are continuously exposed to more sophisticated and targeted threats. Protecting the processing and transmission of critical information through web applications while complying with government and industry regulations can be a complex, labor-intensive undertaking that must be approached as part of a comprehensive application security strategy.
Web application firewalls have emerged as an important part of an overall application security strategy, protecting the organisation’s most critical assets, maintaining business continuity and complementing other application security practices. As IT teams explore the role application firewalls must play within their security practice, they are finding they require significant resources and expertise to implement, maintain and monitor.
Solution
earthwave Managed Web Application Firewall Service (MWAF) offers a managed solution for efficient deployment, management and monitoring of web application firewall device(s). Delivered through market-leading technology, proven processes and skilled personnel, the service simplifies the use of web application firewall technology to help protect online applications against sophisticated application-level attacks like SQL injection and cross-site scripting, theft and leakage of data from online applications, and satisfies the PCI DSS (Payment Card Industry Data Security Standard) 6.6 application security requirement.
earthwave MWAF complements application strategies and investments such as secure software development life cycle (SDLC), code review and application tests as well as network centric security investments including firewalls, IDS, database and log management technologies.
Each implementation of this service includes:
- full system administration
- system management
- security policy management
- software upgrades
- 24x7 monitoring and alarm management
- a service level agreement with guaranteed service levels
And remember, subscribing to MWAF does not require purchase of hardware or software, study of technical manuals or constant updating of your systems.
System administration and management
earthwave can deliver the management and administration of the WAF without any on-site assistance from the customer. A key element of the service is the quality assurance and reliability we build in as standard. By using a rigorous process to test software patches and major releases, we ensure system integrity before rolling out the whole system in the production environment.
Our aim is to keep the system up-to-date and implement the latest fixes and patches as they become available from the vendors. However, this is only done once we are sure that nothing else will be affected.
Security policy management
earthwave security engineers will manage and maintain the WAF configuration to ensure a robust security policy is maintained and will make changes to the policy based on appropriate requests from customers.
Change requests
Designated contacts within an organisation are used for authorising all policy changes. Changes can be initiated from the portal. Alternatively, a fax plus authorised signature or encrypted e-mail procedure may be used.
Change control
All changes are managed through a change control procedure, and all changes are 'vetted' to ensure the overall security of the WAF is not compromised by an inappropriate request.
Additionally, all changes are logged and recorded, with the option to quickly roll back the security policy if necessary. For extra peace of mind, all configuration files have a digital signature attached to them to protect against unauthorised tampering.
Management reports
Monthly online WAF reports are included within the MWAF. The WAF log files are either directly accessed by our reporting servers or, in the case of more sophisticated Reverse Proxy designs, the log files are automatically stored on the Security Device Agent (SDA) and a management summary is sent through an encrypted connection back to the SOCs. Here, they are processed and the contents used to create online graphical reports containing information such as security and alert reports, traffic volumes and WAF utilisation. These reports are updated regularly and can be accessed via earthport - MSS Client Portal.
Vendor neutral
Supports solutions from leading providers such as F5, Breach, Cisco and Imperva, together with 24x7 monitoring and support. earthwave's state-of-the-art Security Operations Center (SOC) maintains constant vigilance for your perimeter security.
Tiered Service Levels
earthwave offers three Service Level options with distinct, quantifiable Service Level Agreements (SLAs) to best meet customer needs and address support level preferences. These unique tiers provide different levels of response time, report content and frequencies, and data storage. Our Standard package offers excellent service tailored for less complex infrastructures that require basic support. The earthwave Enhanced package is a mid-level offering that provides extra features and faster response times for customers with more complex needs. The earthwave Premium package gives customers with complex and stringent requirements a host of customisations, extra features and extra functionality.