Thursday, 23 May 2013

Latest Technology in Firewalls

First of all, we need to know what a firewall is.

A firewall is a software or hardware-based network security system that controls incoming and outgoing network traffic by analyzing data packets and determining, based on a rule set, whether they should be allowed through. A network's firewall builds a bridge between the internal network or computer it protects, which is assumed to be secure and trusted, and another network, usually an external (inter)network such as the Internet, that is not assumed to be secure and trusted.
Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.


------------------------------------------------------------------------


And here is the latest hardware firewall technology 



ve been the number one target of hackers. Companies, organizations, and governments that utilize the internet for commerce and communication are at risk of having vital private, proprietary, secret, and/or confidential information leaked via their web applications. Web attacks grow more sophisticated every day. As such, it can be difficult to find a security product that can accurately detect and block both known and unknown attacks – including the top ten critical threats against web applications outlined by OWASP – while minimizing the administrative burden without hampering system performance. However, WAPPLES – the web application firewall from Penta Security – can accomplish those things.

Detects and blocks website attacks


Prevents website defacement and counterfeit websites
Prevents web attacks designed to steal information
Provides real-time monitoring and security alerts
Enables High Availability (HA) to prevent any service disruptions
Offers easy and convenient installation and management
Reduces web application security management costs
Optimizes speed of service by blocking unnecessary traffic

Operates on a logic analysis based engine


Capable of detecting both known and previously unknown attacks

Extremely low rate of false positives compared to other products

Does not strain the pre-existing system


Can be installed using a variety of methods that do not place an extra load on the system.
In case there is a hardware problem, the BYPASS feature provides continued service without any disruptions.
WAPPLES can be installed in various network configurations, including in-line, reverse proxy, transparent proxy, and High Availability (HA).

Convenient

Highly skilled administrative staff are not required to operate WAPPLES, due to the combination of its easy-to-use GUI and the intelligent logic analysis based engine.
As WAPPLES itself, not an administrator, is responsible for both detecting attacks and determining and launching appropriate countermeasures, the burden on administrative staff is minimal.

Offers flexible, real-time management

WAPPLES allows administrators to monitor equipment operation status as well as security threats in real-time.
WAPPLES offers customizable reporting, which can provide a variety of statistical data.


Transparent Proxy Method


The web server and firewall are installed and managed using an In-Line method
Ability to install without changing the network setup
Changes to the web server IP and DNS are not needed
Web client IP is preserved and conveyed to the web server
Supports the Bypass feature


Reverse Proxy Method

DNS is set up so that the WAPPLES IP address operates as the web server’s IP address
Prevents exposure of internal web server and web application server configuration
Cloaking effect
Web client’s IP address is converted to the WAPPLES IP address and then conveyed to the web server
Ability to use the X-Forwarded-For header configuration to preserve and convey the client IP
Only the HTTP traffic is allowed to pass through providing stronger website security
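
An added example (not from the original post or from Penta Security) of how a web server behind a reverse proxy can recover the client IP from X-Forwarded-For while trusting the header only when the connection comes from the proxy itself. The proxy address 10.0.0.5, the function name client_ip, and the proxy appending the connecting address as the rightmost header entry are assumptions.

```python
import ipaddress

# Constructed sample address: the reverse-proxy WAF as seen by the web server.
# Assumption: the proxy appends the address it received the connection from
# as the rightmost X-Forwarded-For entry.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.5/32")]


def _is_trusted(addr):
    """True if addr belongs to one of our own proxies."""
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer_ip, xff_header):
    """Return the client address the web server should log and filter on.

    peer_ip    -- source address of the TCP connection
    xff_header -- raw X-Forwarded-For value, or None if absent
    """
    peer = ipaddress.ip_address(peer_ip)
    # A request that did not arrive through the proxy can carry any header
    # value the sender likes, so X-Forwarded-For is ignored entirely.
    if not _is_trusted(peer) or not xff_header:
        return str(peer)

    # Walk the list right to left: entries added by our own proxies are
    # skipped; the first untrusted address is the real client. Anything
    # further left was supplied by the client and is never consulted.
    for hop in reversed([h.strip() for h in xff_header.split(",")]):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            # Malformed entry: fall back to the connection's own address.
            return str(peer)
        if not _is_trusted(addr):
            return str(addr)
    return str(peer)


if __name__ == "__main__":
    print(client_ip("10.0.0.5", "203.0.113.7"))            # via proxy
    print(client_ip("198.51.100.9", "127.0.0.1"))          # direct, header ignored
    print(client_ip("10.0.0.5", "192.0.2.1, 203.0.113.7")) # forged left entry
```
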


Reverse Proxy Method (CSLB)

Utilizes the L4 switch Cache Server Load Balancing (CSLB) feature
Uses the CSLB configuration to differentiate web traffic
Ability to utilize L4 switch’s Health Check feature
Suitable for dual networks and complex environments



Product Features

WAPPLES runs on an intelligent logic analysis engine called Contents Classification and Evaluation Processing, or COCEP. This logic analysis engine utilizes a system of 26 ‘rules’ (see below for detailed explanations of each rule) to execute a logical analysis of all types of traffic. This analysis enables WAPPLES to determine whether or not the traffic constitutes a threat to the web application, and to take appropriate countermeasures when threats are detected. If traffic can successfully pass through all 26 rules, WAPPLES determines that the traffic is not an attack, and transports the data to the web application. The split-second performance of the COCEP enables WAPPLES to determine if traffic is safe in just 1/1000 of a second, leaving system performance unaffected.

    Buffer Overflow: Blocks invalid requests causing buffer overflow attacks
    Cookie Poisoning: Blocks the falsification of cookies containing authentication information
    Cross Site Scripting: Blocks malicious script code that could be executed by the client
    Directory Listing: Blocks the leakage of websites’ directories and files
    Error Handling: Controls error messages so as to avoid exposure of information about the web server, WAS, DBMS server, etc.
    Extension Filtering: Blocks access to files which do not have permitted file extensions
    File Upload: Blocks the upload of files which can be executed on the web server
    Include Injection: Blocks the injection of untrustworthy files and external URIs
    Input Content Filtering: Blocks or substitutes words that are not permitted on a website
    Invalid HTTP: Blocks access not in compliance with HTTP standards
    Invalid URI: Blocks access not in compliance with standard URI syntax
    IP Black List: Blocks when more than the set value of access attempts from the same source IP is detected during a specific time (value set by user)
    IP Filtering: Blocks access to a specific IP range or countries (set by user)
    Parameter Tampering: Blocks attacks which send maliciously manipulated parameters to websites
    Privacy File Filtering: Blocks leakage of private information from files transmitted from the web server
    Privacy Input Filtering: Blocks leakage of private information via HTTP request
    Privacy Output Filtering: Blocks leakage of private information via HTTP response
    Request Header Filtering: Blocks HTTP requests having headers that are missing important information or that have been abnormally modified, such as requests from automatic attack tools and abnormal HTTP requests
    Request Method Filtering: Blocks risky HTTP request methods
    Response Header Filtering: Blocks leakage of web server information via HTTP response
    SQL Injection: Blocks requests that attempt to inject SQL query statements
    Stealth Commanding: Blocks requests to execute specific commands on the web server through HTTP requests
    Suspicious Access: Blocks access which does not fit the standard web browser request
    Unicode Directory Traversal: Blocks requests for access to directories and files that use vulnerabilities related to Unicode manipulation of the web server
    URI Access Control: Controls requests for access to specific URIs and files
    Website Defacement: Detects defacement of websites and recovers the web page




