IT Home reported on December 12 that according to the cloud WAF evaluation results of the China Academy of Information and Communications, China Telecom Tianyi Cloud Web Application Firewall (native version) successfully passed the evaluation. Web application firewall is one of the important products to ensure user application layer security, and cloud WAF is an important part of it. Compared with traditional host software based protection, cloud WAF is more flexible in deployment, simpler in operation and maintenance, and can significantly reduce the burden of enterprise security protection.
In order to standardize the capability requirements of cloud WAF and promote the implementation and use of cloud WAF in domestic enterprises, the ICT Academy has formulated the standard Work of Cloud Web Application Firewall Capability Requirements, which puts forward requirements for cloud WAF capability from multiple levels, including six dimensions of service access, access control, security protection, security protection capability, performance and scalability, and reliability, It provides a reference for domestic enterprises to effectively attack the increasingly complex web in the cloud era and test the cloud WAF technology capabilities.
The site level protection can no longer meet the flexible needs of web protection. Cloud WAF needs to have the ability to detect API behavior, improve the ability to monitor unknown risks, and strengthen the identification and blocking of unexpected BOT traffic; In addition, cloud WAF is an important defense line to ensure enterprise network security. It needs high availability to ensure uninterrupted defense.
IT home learned that Tianyi Cloud Web Application Firewall (native version) can provide one-stop security protection for users' Web applications, including Web application attack protection, CC attack protection, BOT protection, etc., covering most of the current attack means, it can effectively identify the characteristics of malicious requests and prevent them from being maliciously invaded, Protect the core business security and data security of the website.
Officially, Tianyi Cloud Web Application Firewall (native version) adopts cloud native mode and provides convenient access for cloud users by combining with the capabilities of Tianyi Cloud cloud base; Rely on the IaaS and PaaS capabilities of cloud base to provide stable and high-quality services; With the monitoring and management capabilities of cloud base, the operation and maintenance management is more convenient; Based on the advantages of cloud platform data analysis, security detection is more accurate. In addition, in the cloud native mode, cloud WAF can be combined with other atomic security capabilities to further improve the security guard capabilities of cloud WAF.
Tianyi Cloud Web Application Firewall (native version) integrates multiple heterogeneous protection engines, combines semantic features and machine learning classification algorithms, and significantly improves detection accuracy and recall; Continuously optimize the high-quality attack detection rule set, give consideration to the performance and simple configuration, and well cover the common attack types of OWASP; Support multi-dimensional user-defined rule configuration, flexibly configure attack identification and confrontation strategies based on session characteristics, accurately intercept, and reduce false positives; The carrier level cloud resource pool architecture is adopted, and the cluster+redundancy high availability mode is used to effectively eliminate single points of failure and improve service availability.
