Web Application Firewall (WAF) – WebMux FireEdge for Apps Added Safety Net

avanu techtip blog

Welcome to AVANU’s TechTip™ blogs on how to keep a network infrastructure operating smoothly and reliably with the WebMux™ Network Traffic Manager!

Why a Web Application Firewall (WAF) Does Not Replace the Traditional Firewall

This TechTip™ blog is about why a Web Application Firewall (WAF) does not replace the traditional Firewall.

Web sites have moved beyond a mere collection of static HTML pages since the emergence of Web 2.0. Now Web applications allow for dynamic sites to respond to the open public inputs on a web browser just like an individual using their personal desktop applications software. The Web servers servicing dynamic sites now become a central hub of users’ application data. If the Web servers are compromised causing service interruptions, it will affect all users. Such servers become a high target for malicious attackers exploiting their public accessibility. A traditional firewall that merely blocks ports and IPs cannot provide adequate application protection, because the service ports must remain open and attackers’ IP addresses are unpredictable. Furthermore, since Web applications respond to user input, bugs or unsecure configurations can cause them to respond in ways that cause service interruptions or security breaches.

A Web Application Firewall (WAF) is your indispensable line of defense in these situations. It does not replace your traditional firewall but rather augments it. The best location for a WAF is behind the traditional firewall but in front of the Web server. The traditional firewall will then block unnecessary ports and blacklisted IPs wholesale, while the WAF will detect additional malicious attacks. The WAF does its job by examining the web client requests and Web server responses. Thus, not only does the WAF protect against incoming malicious activities, but it also prevents your Web application from revealing information useful to attackers.

Sometimes if a Web server or application is not configured or coded properly, the server or application error response can reveal weaknesses or other exploitable information. Error responses may be helpful for developers and systems administrators, but such information should remain confidential. The WAF will keep those error responses private to prevent further probing by an attacker.

Sometimes security holes arise from unintended, overlooked, or forgotten default settings. Often server software defaults to using extremely insecure settings for debugging purposes during setup. These settings may escape revision, and it only takes one successful attack because of them to wreak havoc on a system. The WAF is a safety net that can plug some of these more commonly overlooked security holes and keep your service up and running smoothly.

webmux web application firewallAbout AVANU®

AVANU designs and develops high quality enterprise products that are cost-effective for IT network infrastructures and data centers. Products are full-featured and reliably high in performance.

WebMux™ Network Traffic Manager is an integrated enterprise-class application delivery network (ADN) and global server load balancing (GSLB) solution with its built-in FireEdge™ for Apps Web Application Firewall (WAF).

WebMux manages, controls, and secures the most stringent network traffic demands reliably, assuring peak performance. The user-friendly menu-driven interface makes WebMux fast to deploy and easy to manage. It meets the U.S. Federal Information Processing Standard Publication (FIPS) 140-2 Levels 1 & 2 validated encryption computer security standard, Trade Agreements Act (TAA), and Payment Card Industry (PCI) compliance.

For more information or a free Virtual WebMux software appliance evaluation copy, contact us by email at ‘info@avanu.com’. Telephone contact 1.888.248.4900 U.S. Toll Free Number or 1.408.248.8960 International.

 

 

 

 

Denial of Service Attacks – WebMux Network Traffic Manager

avanu techtip blog

Welcome to AVANU’s TechTip™ blogs on how to keep a network infrastructure operating smoothly and reliably with the WebMux™ Network Traffic Manager!

Denial of Service Attacks and Why a Firewall is Not Enough to Protect the Network

This TechTip™ blog is about Denial of Service attacks and why you need more than a Firewall to protect your network

Has your network ever been flooded with a rush of traffic for no good reason?

denial of service attack

This could have been caused by a cybersecurity breach in the form of a attack to your network’s infrastructure. These attacks, commonly known as cyber-attacks, cause undesirable chaos to a network. Effects of malicious attacks could include potential hijacking of valuable confidential company data, redirection of network traffic to bad sites, planting destructive malware, massive network slowdown or even network destruction bringing it completely out-of-service.

 

Malicious cyber-attacks are continually testing network infrastructures. A cyber-attack orchestrated by computer hackers are known as a Denial of Service Attack (DoS) attack. DoS is when the hacker sends an unwelcome rush of traffic that seeks vulnerabilities in a targeted network infrastructure to exploit. Another common form of attack is the Distributed Denial of Service (DDos) attack. DDoS is when there are coordinated multiple location sources targeting a specific network for a simultaneous attack.

The attacking computers attempt to establish large numbers of network connections to send massive amounts traffic through. The attack may also include un-suspecting proxies used by the attackers. This kind of attack can prevent legitimate traffic from getting through to the intended systems that are under attack.

A good quality network security firewall when properly configured plays an important role to help prevent attacks. However, a network firewall may not be enough for DoS/DDoS attacks. Firewalls use established rules and protocols that are set to either ‘ON’ or ‘OFF’ for customized configurations. The problem with this is if the firewall settings are wrong it could block legitimate traffic to the network servers. To address this problem a higher level of protection is needed for DoS/DDoS attacks.

AVANU’s WebMux Network Traffic Manager protects networks from DoS/DDOS attacks at a higher level than the firewall. The WebMux Flood Control® feature protects and manages good versus bad traffic that goes to your network. It will limit and/or stop undesired or unwanted Internet Protocol (IP) network traffic, including protocols that rely on IP, such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP), etc.

Flood Control also sets parameters that permit normal traffic but block traffic outside of the definition of normal. The settings are Packet Rate, Packet Threshold, and Timeout in Seconds. Those settings can be understood as the Average Packets per Second Limit, Instantaneous Packet Limit, and Amount of Time a Client IP Address Will Be Blocked in seconds.

In summary, AVANU’s WebMux Flood Control has the ability to detect attacks on the networks, trap bad IPs on the fly, and can also log the information of bad IPs for further review.

About AVANU®

AVANU designs and develops high quality enterprise products that are cost-effective for IT network infrastructures and data centers. Products are full-featured and reliably high in performance.

WebMux™ Network Traffic Manager is an integrated enterprise-class application delivery network (ADN) and global server load balancing (GSLB) solution with its built-in FireEdge™ for Apps Web Application Firewall (WAF).

WebMux manages, controls, and secures the most stringent network traffic demands reliably, assuring peak performance. The user-friendly menu-driven interface makes WebMux fast to deploy and easy to manage. It meets the U.S. Federal Information Processing Standard Publication (FIPS) 140-2 Levels 1 & 2 validated encryption computer security standard, Trade Agreements Act (TAA), and Payment Card Industry (PCI) compliance.

For more information or a free Virtual WebMux software appliance evaluation copy, contact us by email at ‘info@avanu.com’. Telephone contact 1.888.248.4900 U.S. Toll Free Number or 1.408.248.8960 International.

 

Load Balancing Scheduling Methods

Network infrastructure’s traffic loads are all different. No matter how light or how heavy, a network traffic load balancer will manage the traffic to the servers using algorithms that each have their own particular behavior. There are three common load balancing scheduling methods that have different behavioral characteristics to choose from:

Least Connections
Round Robin
Weighted Fastest Response

Least Connections
With the Least Connections scheduling method, the load balancer will send new clients to servers with the least amount of active connections. There will be occasions when clients remain connected to a server for an extended amount of time where other servers may accumulate more client connections than others.

As with any of the load balancing scheduling methods, one cannot always expect to see a leveling of distribution. As connections come and go or remain connected, different servers may gain or lose connections sooner than others. But, the selection of servers to send a client to will continue to be a dynamic decision according to the servers with the Least Connections at the time a client connects.

Round Robin
In a Round Robin scheduling method, the load balancer sends client connections to the next available server in a sequential manner. If all connections are equal in duration and activity, it would be reasonable to expect Round Robin to result in the most even distribution of connections to the servers. However, it must be considered that in real world scenarios not all connections will have equal activity and duration. So, even with Round Robin, there may be some servers carrying more connections than others; especially in cases where clients tend to remain connected for long periods of time.

Weighted Fastest Response
The Weighted Fastest Response scheduling method calculates a value based on the number of current connections, divided by the server weight. The server with the lowest value is determined to be the server that can provide the fastest response.

About AVANU

AVANU designs and develops high quality enterprise products that are cost-effective for IT network infrastructures and data centers. Products are full-featured and reliably high in performance.

WebMux™ Network Traffic Manager is an integrated enterprise-class application delivery network (ADN) and global server load balancing (GSLB) solution with its built-in FireEdge™ for Apps Web Application Firewall (WAF).

WebMux manages, controls, and secures the most stringent network traffic demands reliably, assuring peak performance. The user-friendly menu-driven interface makes WebMux fast to deploy and easy to manage. It meets the U.S. Federal Information Processing Standard Publication (FIPS) 140-2 Levels 1 & 2 validated encryption computer security standard, Trade Agreements Act (TAA), and Payment Card Industry (PCI) compliance.

For more information or a free Virtual WebMux software appliance evaluation copy, contact us by email at ‘info@avanu.com’. Telephone contact 1.888.248.4900 U.S. Toll Free Number or 1.408.248.8960 International.

Network High Availability – Reduce your network infrastructure risk

Network high-availability is critical to your network infrastructure.  With high-availability, your network will run smoothly overcoming network disruption.

There are important factors to preserve a network’s stability.  These include performance, scalability, and redundancy/fault tolerance along with reducing site maintenance downtime.

If you are assessing your network infrastructure’s uptime risks, there couldn’t be a better time to take advantage of AVANU’s free high-availability offer for the WebMux Network Traffic Manager.  Software appliance for enterprise-class virtual computing that is full-featured in an integrated load balancing solution (ADN, GSLB, and WAF).

Get a FREE AVANU WebMux Network Traffic Manager software appliance (AVE-500 Edition) for your Virtual computing network with the purchase of one AVE-500 Edition.

• Fully integrated enterprise-class application delivery network (ADN) and global server load balancing (GSLB) solution with its built-in FireEdge™ for Apps Web Application Firewall (WAF).

• Software appliance for Virtual computing platforms: VMWare®, Citrix XENServer®, Microsoft Hyper-V® (GEN 1, 2), Oracle VirtualBox®, XEN® Project, KVM (Kernal-based Virtual Machine)

• High availability for your enterprise virtual infrastructure environment

• Up to 5 Gbits/s load balancing network traffic throughput (Internet link less any overhead)

• FIPS 140-2 (Level 1) SSL Security compliant

• TAA compliant (Developed in USA)

• Includes a full year of product technical support

Act now as this is a limited time offer – Contact us!

New to AVANU’s WebMux Network Traffic Manager?

Request your full working 30-day license here.

About AVANU®

AVANU designs and develops high quality enterprise products that are cost-effective for IT network infrastructures and data centers. Products are full-featured and reliably high in performance.

WebMux™ Network Traffic Manager is an integrated enterprise-class application delivery network (ADN) and global server load balancing (GSLB) solution with its built-in FireEdge™ for Apps Web Application Firewall (WAF).

WebMux manages, controls, and secures the most stringent network traffic demands reliably, assuring peak performance. The user-friendly menu-driven interface makes WebMux fast to deploy and easy to manage. It meets the U.S. Federal Information Processing Standard Publication (FIPS) 140-2 Levels 1 & 2 validated encryption computer security standard, Trade Agreements Act (TAA), and Payment Card Industry (PCI) compliance.

For more information or a free Virtual WebMux software appliance evaluation copy, contact us by email at ‘info@avanu.com’. Telephone contact 1.888.248.4900 U.S. Toll Free Number or 1.408.248.8960 International.