Hillstone W-Series | WAF

SOLUTION OVERVIEW
Hillstone WAF combines traditional rule-based detection with innovative semantic analysis. This binary approach significantly improves accuracy while minimizing the number of "false positives" events. Hillstone WAF also uses machine learning technology to tune security policies and block unknown threats and attacks. In addition, logs can be automatically aggregated across multiple dimensions, allowing administrators to easily identify suspicious anomalies or locate false positives and then fine-tune policies as needed.

FEATURES
Comprehensive web application security
Hillstone Web Application Firewall (WAF) provides complete web application and API security for enterprises and other organizations. It detects and defends against both network layer attacks (such as DDoS attacks, flood attacks, scanning and spoof attacks, etc.) and application layer attacks (such as OWASP Top 10 threats, including injection attacks, cross site scripting (XSS) attacks, injection, etc.). Hillstone WAF automatically identifies web servers and associated assets and covers them with protection. As a result, Hillstone WAF covers the entire web environment with protection, even as it scales, allowing for greater operational efficiency and faster delivery of value.

Advanced API protection
With the rise of digital transformation, APIs are playing an increasingly important role in application development and integration. The popularity of APIs potentially exposes additional attack surfaces, such as data overexposure, lack of resources and speed limitation, injection and XSS attacks among API calls, etc. Based on the schema defined in OpenAPI files, Hillstone WAF helps validate and generate positive security model policies to detect these threats in APIs.

Improved detection accuracy and efficiency with two engines
Hillstone WAF integrates the industry's most innovative semantic analysis with traditional WAF detection engines. Combined with traditional rule-based detection, the semantic analysis engine helps further detect threats such as SQL injection and cross site scripting, and minimizes false alarms by creating context awareness. Hillstone WAF's recursive decoding feature also detects attacks that are obscured by multiple layers of encryption. This two-pronged approach significantly improves detection accuracy and performance.

Intelligent analysis and reporting through logs
Hillstone Web Application Firewall provides administrators and operators with high visibility and comprehensive reports with threat analysis, traffic analysis, attack distribution and threat control. The log aggregation feature collects logs from multiple tiers to help operators easily identify suspicious anomalies or find false results from logs, and then tune policies accordingly.

Machine learning-based security rule optimization and defense against unknown attacks
In addition to general rule-based and script-based protection for known attacks, Hillstone WAF has an automatic learning feature that helps mitigate unknown threats to protect specific applications from zero-day attacks. The ML-based model learns from data from normal traffic, such as parameter lengths, cookies, HTTP methods, etc., tunes itself based on test results as well as data from administrators, and continues to update learning models and optimize Web Application Firewall rules as applications evolve. It significantly reduces operational costs by eliminating troubleshooting false positives and manual rule tuning.