Application Security Gateway

Application Security Gateway is a product that provides visual security analysis and application layer threat protection for websites or APP services. By providing features such as WAF, user access audit, service security visibility and compliance check, it can guarantee stable and continuous operation of the service, improve user experience, and solve the abnormality or compliance problems of HTTP/HTTPS service caused by attacks to network service provider.

Try Now

Benefits

Business Protection
The WAF and CC protection are provided and all services are secure and visual. Security features are provided, for example user access to log and audit.
Exclusive Service
It is deployed at or in the VPC border, with exclusive resources and dynamic scaling. There are no interactions to cluster sharing service users.
E-W Protection
The traffic protection is performed for portal websites and enterprise portals in the north-south direction and for intracloud objects such as web modules and E-commerce components in the east-west direction.
Fast and Convenient Deployment
It is not required to carry out the switching setup for DNS and only the Load Balancer is associated, so that the certificate self-management can be realized, the bypass detection mode is supported and the effect of customized policy is validated in real time.

Features

Web Security Protection

OWASP TOP 10 Threat Protection

Effective defense against OWASP TOP 10 attacks such as SQL injection, XSS attacks, command/code execution, file inclusion, Trojan virus uploading, path traversal, malicious scanning and so on.

0Day Vulnerability Protection

The professional attack-defense team carries out a 7*24h follow-up for 0day vulnerability, analyzes the vulnerability principle and develops a security protection policy to provide protection in time.

CC Attack Protection

Support global model and single IP protection mode, check CC attack protection based on multiple challenge check algorithms and protect DOS function of the application layer.

Visualization of Business Security

Attack Classification Report

Five security analysis reports, including Web Security, CC Attack, Custom IAM Rules, User Access, and Operation Monitoring, are provided for insight into the workload monitoring status, security protection status and effect.

Attack Trend Graph

By viewing the attacking trend graph, it can know hacker’s concern to business.

CC Attack Protection Trend

View protection effect and statistics in real time via CC attack trend statistics.

IAM Trend

Search the users' access conditions in real time by carrying out the statistics & analysis to IAM rules formulated by the users.

Security Compliance

Precise IAM

The users can combine HTTP protocol fields to formulate IAM rules, confirm priority and provide multiple customization methods and simple logic syntax to meet the individual needs.

Access Log Record

Record the access logs of all users on the business website, provide trend analysis and Log Download feature as needed.

Webpage Tamper-proofing

The webpage tamper-proofing uses the mandatory static cache locking and update mechanism to protect specific webpages. Even though relevant webpage of origin server is tampered, it can be returned to the user cache page.

Administrator Operation Audit

Provide audit logs for operation of all administrators and provide the same on demand when checking security compliance.

BOT Management

CC Attack Protection

Provide multiple modes to protect the application layer DOS.

Anti-brute Force Crack

Provide IP blocking feature to intercept malicious users in real time.

Anti-violent Cracking

Enable protection against violent crack and protection against Y.C, robot crack, etc.

Convenient Management

RESTfulAPI Support

Provide a full set of RESTfulAPI interfaces for page customization

No DNS Modification

There is no need to modify the DNS for service protection and monitoring. By associating the Load Balancer, direct IP access is supported.

HTTPS Support

Upload ssl certificate on the Load Balancer and implement HTTPS detach management.

Scenarios

Defensive Deployment Scheme with High Flexibility

Application Security Gateway can associate EIP's Load Balancer and the Load Balancer in VPC for collaborative work. Therefore, it can defend the Internet attack and internal attack from VPC.