Dell SonicWall SRA 4200 Administrator's Manual page 62

SRA 6.0

staging environment, the SRA appliance learns valid inputs for each URL accessed by the
trusted users. At any point during or after the learning process, the custom rules can be
generated based on the "learned" profiles.
Rate Limiting for Custom Rules
Starting in SRA 5.5, it is possible to track the rate at which a custom rule, or rule chain, is being
matched. This is especially useful for blocking dictionary attacks or brute force attacks. The action
for the rule chain is triggered only if the rule chain is matched as many times as configured.
Cookie Tampering Protection
Cookie Tampering Protection is an important item in the Payment Card Industry Data Security
Standard (PCI DSS) section 6.6 requirements and part of the Web Application Firewall
evaluation criteria that offers strict security for cookies set by the backend Web servers. Various
techniques such as encryption and message digest are used to prevent cookie tampering. See
"Configuring Cookie Tampering Protection Settings" section on page 247 for additional
information.
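The message-digest technique mentioned above, as an added example (not from this manual and not Dell SonicWALL's implementation): a proxy appends an HMAC-SHA256 tag to each cookie the backend sets and strips any cookie whose tag fails to verify on the way back. The key, the `value.tag` wire format and all function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets

# Assumption: a per-appliance secret that never reaches the client.
PROXY_KEY = secrets.token_bytes(32)


def _tag(name: str, value: str, key: bytes) -> str:
    # Bind the cookie name into the digest so a valid value cannot be
    # moved from one cookie to another (e.g. "theme" -> "role").
    msg = len(name).to_bytes(2, "big") + name.encode() + value.encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return base64.urlsafe_b64encode(digest).decode().rstrip("=")


def seal_cookie(name: str, value: str, key: bytes = PROXY_KEY) -> str:
    """Response path: rewrite the backend's Set-Cookie value as value.tag."""
    return f"{value}.{_tag(name, value, key)}"


def open_cookie(name: str, sealed: str, key: bytes = PROXY_KEY):
    """Request path: return the original value, or None if tampered/unsigned."""
    value, sep, tag = sealed.rpartition(".")
    if not sep:
        return None  # no tag at all: not a cookie this proxy issued
    # Constant-time comparison avoids leaking how much of the tag matched.
    if not hmac.compare_digest(tag.encode(), _tag(name, value, key).encode()):
        return None
    return value


def filter_request_cookies(cookie_header: str, key: bytes = PROXY_KEY):
    """Split a Cookie header into cookies to forward and names to strip/log."""
    forward, rejected = {}, []
    for pair in cookie_header.split(";"):
        name, _, sealed = pair.strip().partition("=")
        if not name:
            continue
        value = open_cookie(name, sealed, key)
        if value is None:
            rejected.append(name)
        else:
            forward[name] = value
    return forward, rejected
```

A digest alone leaves the cookie value readable by the client; hiding the value as well requires the encryption technique the section also mentions.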
Credit Card and Social Security Number Protection
Credit Card/SSN protection is a Data Loss Prevention technique that ensures that sensitive
information, such as credit card numbers and Social Security numbers, is not leaked within
Web pages. Once such leakage is detected, the administrator can choose to mask these
numbers partially or wholly, present a configurable error page, or simply log the event. See
"Configuring Information Disclosure Protection" section on page 248 for additional information.
Web Site Cloaking
Web Site Cloaking prevents guessing the Web server implementation and exploiting its
vulnerabilities. See "Configuring Web Site Cloaking" section on page 248 for additional
information.
PDF Reporting for WAF Monitoring and PCI DSS 6.5 and 6.6 Compliance
Starting in SRA 5.5, PDF reporting is introduced for Web Application Firewall Monitoring and
PCI DSS 6.5 and 6.6 Compliance. You can generate the reports on the Web Application
Firewall > Status page. The timeline for generating the data published in the reports is
configurable on the Web Application Firewall > Monitoring page.
Benefits of Web Application Firewall
Web Application Firewall is secure and can be used in various areas, including financial
services, healthcare, application service providers, and e-commerce. Dell SonicWALL SRA
uses SSL encryption to encrypt data between the Web Application Firewall and the client. Dell
SonicWALL SRA also satisfies OWASP cryptographic storage requirements by encrypting keys
and passwords wherever necessary.
Companies using Web Application Firewall can reduce the development cost required to create
secure applications and also cut out the huge turnaround time involved in deploying a newly
found vulnerability fix in every Web application by signing up for Web Application Firewall
signature updates.
Resources accessed over Application Offloaded portals and HTTP(S) bookmarks can be
vulnerable due to a variety of reasons ranging from badly designed architecture to
programming errors. Web Application Firewall provides an effective way to prevent a hacker
from exploiting these vulnerabilities by providing real-time protection to Web applications
deployed behind the Dell SonicWALL SRA appliance.
