Zeus Application Firewall Module

What is a web application firewall (WAF)?


Customer portals, online stores and online banks are highly vulnerable to attacks aimed at the web application level weak points and not just the network. No matter whether your organization offers a customer portal, online banking, e-retail or bookings services, attacks of this nature threaten your users’ confidential information.

A web application firewall is designed to address these issues and is different to a standard firewall. A standard firewall is intended to limit access to designated ports or services that an IT Manager does not want people with insufficient privileges to get access to. According to the Web Application Security Consortium a web application firewall is described as the following:

"An intermediary device, sitting between a web-client and a web server, analyzing OSI Layer-7 messages for violations in the programmed security policy. A web application firewall is used as a security device protecting the web server from attack."

How does a WAF work?


Web application firewalls are designed to look at every request and response relating to the applications deployed at the web service layer and deal with HTTP/HTTPS/SOAP/XML-RPC traffic protocols. WAF capabilities can vary from those that look to identify specific attacks to those that look for unusual behaviour that doesn't fit the usual website application traffic patterns.

Why do you need a WAF solution?


Zeus’ comprehensive and flexible Zeus Application Firewall Module solution is designed specifically to help organizations achieve Payment Card Industry Data Security Standard (PCI DSS) compliance. This is a global requirement that organizations that trade online must meet, and regulates how organizations process, transmit or store credit card information.

The PCI DSS compliance requirement also defines a set of security procedures that an organization must meet. Section 6.6, of the policy mandates that an organization must either perform regular security reviews of the source of all public facing applications or deploy and configure an appropriate web application firewall.

Why choose Zeus?


Zeus Application Firewall Module helps organizations meet these requirements and can be easily configured with additional security policies to detect and prevent future attacks to your applications. Zeus Application Firewall Module identifies and classifies transactions, comparing them against an extensive set of known and suspicious requests. The Zeus web application firewall also securely handles non-permitted requests so they never reach the application and are logged for auditing purposes.

Together the Zeus Traffic Manager and Zeus Application Firewall Module can secure any web application from a wide range of known attacks and protect against data leaks, while accelerating and load balancing traffic to ensure that your organization can create, manage and deliver exceptional online services at all times.

Read more: Technical specifications for Zeus Application Firewall Module

Read more: How a Zeus Application Firewall Module works

PCI DSS Compliance with Zeus Traffic Manager and Zeus Application Firewall Module

PCI DSS (Payment Card Industry Data Security Standard) is a pragmatic set of best practices and security measures that any organization must follow if they accept and handle cardholder data online. The standard encompasses network security, data protection, data encryption, system security, access control, ongoing monitoring and testing and security policy development.

The PCI DSS requirements are met through a combination of organizational processes and technical systems. There is no single ‘silver bullet’ to achieve PCI DSS compliance, but careful selection of technology can expedite the process, freeing the organization to concentrate on its unique value-generating activities.

Free software evaluation - take Zeus Traffic Manager and Zeus Application Firewall Module for a test drive

To download Zeus software for evaluation - click here.

Contact us to discuss how a Zeus solution can benefit your organization.