تار بُد – Web Application Firewall (WAF)

نام «تار بُد» از «تار» معادل فارسی WEB مشتق شده است. این سامانه عملکرد­های تخصصی مورد نیاز برای تأمین امنیت سرورهای WEB را تأمین می­نماید. در زیر قابلیت­های این سامانه مرور می­شود.

• Protects Web sites and Web applications against application layer attacks
  • Cross Site Scripting (XSS)
  • SQL injection flaws
  • OS command injections
  • Site reconnaissance
  • Session hijacking
  • Application denial of service
  • Malicious probes/crawlers
  • Cookie/session tampering
  • Path traversal
  • …

• SSL Offloading
• SSL Acceleration
• Load Balancing
• HTTP Traffic Logging
• Attack Prevention and Just-in-time Patching
• Real-time Blacklist Lookups – utilizes 3rd Party IP Reputation
• Web-based Malware Detection – identifies malicious web content by check against the Google Safe Browsing API.
• HTTP Denial of Service Protections – defense against HTTP Flooding and Slow HTTP DoS Attacks.
• Automation Detection – Detecting bots, crawlers, scanners and other surface malicious activity.
• Integration with AV Scanning for File Uploads – detects malicious files uploaded through the web application.
• Tracking Sensitive Data – Tracks Credit Card usage and blocks leakages.
• Trojan Protection – Detecting access to Trojans horses.
• Identification of Application Defects – alerts on application misconfigurations.
• Error Detection and Hiding – Disguising error messages sent by the server.
• Delivers best practices security right out of the box
• Monitors traffic and provides reports about attackers and attack attempts
• In-Line Vulnerability Detection
• Flexible Rule Engine
• Secure HTTP traffic