Académique Documents
Professionnel Documents
Culture Documents
com
Swordfish
Web Application Firewall
www.obrela.com
www.obrela.com
Why SWORDFISH?
The Swordfish Web Application Firewall Technology is engineered
to be fully customizable in terms of user and group access
privileges, aligned with both Corporate and Information Security
policy. In effect, our solution addresses the security need for
ongoing operational security not just the technology:
Anomaly Detection
The rule-set keeps anomaly scores for each request, IP addresses,
application sessions, and user accounts. Attack from sources having
reconnaissance history, incomplete HTTP protocol transactions and
malicious content within HTTP transport protocol, amongst
multiple other factors, raise the abnormality score. Requests with
high anomaly scores are rejected altogether.
HTTPS/SSL Inspection
The Engine analyzes the full HTTP transaction - even over
HTTPS/SSL- allowing complete requests and responses to be
inspected for malicious input. With the high technology inspection,
fine-grained decisions can take place, ensuring that only malicious
containing transactions are logged and intercepted.
www.obrela.com
A full bandwidth
of services not
just a web
application
firewall
www.obrela.com
www.obrela.com
One-click
integration
with
Corporate
Security
Intelligence
All services provided by Obrela Security Industries are tightly integrated with
each other in order to benefit from a multi-dimension protection platform,
under a single contract, tailored to each individual requirement or use case.
The Swordfish Web Application Security, either deployed As-A-Service
(SecSAAS) or in-house (physical or virtual appliance) can be integrated with the
Corporate Security Intelligence services providing real-time monitoring of all
security aspects utilizing state-of-the-art SIEM deployments.
Security event information generated by the Swordfish WAF is being
consolidated and reported to our Security Operations Centers (SOC), where it is
being correlated & monitored and manually validated on a 24X7 basis. Incidents
requiring attention are escalated based on mutually agreed SLA and are
monitored until closure via an integrated ticketing system.
The integration allows Obrela Security Industries engineers to identify patterns
in traffic and correlate behaviors based on statistical models that would be
otherwise left unattended.
Such cases include identification of business logic vulnerabilities, identification
of changes in the underlying web application and evaluation against the
behavioral model, live identification of distributed denial of service attacks
being formatted or taking place.
www.obrela.com
Specifications
As A Service
V2100
V4100
V8100
A4100
A8100
A12100
Managed
Virtual
Virtual
Virtual
Physical
Physical
Type
Service
Appliance
Appliance
Appliance
Appliance
Appliance
Physical Appliance
CPU
Unlimited
2 Vcores
4 Vcores
8 Vcores
1 x Xeon Quad
2 x Xeon Quad
2 x Xeon Eight
Ram (GB)
Unlimited
16
Disk (GB)
Unlimited
50
100
200
250
250
500
Hypervisor
Hypervisor
Hypervisor
(SecSaaS)
Interface
N/A
depended
depended
depended
4 x Copper
4 x Copper
4 x Copper
Disk redundancy
Included
N/A
N/A
N/A
Yes
Yes
Yes
PSU redundancy
Included
N/A
N/A
N/A
Yes
Yes
Yes
Geographic
A/A
A/A
A/A
A/A
A/A
A/A
High Availability
Relocation
A/P
A/P
A/P
A/P
A/P
A/P
Form Factor
N/A
N/A
N/A
N/A
1u
1u
1u
AC Power -
100-240V, 50-
100-240V, 50-
100-240V, 50-60
Consumption - Heat
60 Hz, 130W,
60 Hz, 225W,
Hz, 250W,
450BTU/h
750BTU/h
800BTU/h
Output
N/A
N/A
N/A
N/A
3y 4h
Hardware Support
N/A
N/A
N/A
N/A
3 y NBD
Response
3y 4h Response
Unlimited
40
80
160
150
300
600
Peak Throughput
(mbps)
Positive Security Model, Negative Security Model, Automatic WebApp learning, Web server & application signatures, HTTP
Web Security
Network security
Web Console / UI
Provided
User Interface
Deployment Modes
Session Awareness
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Intelligence
Yes
Yes
Yes
Yes
Yes
Yes
Yes
SSL Inspection
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Surveillance
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Fraud Protection
Optional
Reputational
Web Resource
www.obrela.com
Virtual Patching
Yes
Yes
Yes
DDoS Protection
Optional
SIEM Integration /
24x7x365
Monitoring
Optional
Monthly Rules and definitions
Major version upgrades every 12 to 18 months.
Minor releases (service packs) every 4 to 6 months.
Updates
Yes
Yes
Yes
Yes
www.obrela.com
Learn More
http://www.obrela.com/WAF