Locks circle around a digital globe.

Web application firewall: protect online applications

With a web application firewall, companies protect their online applications and interfaces while maintaining high performance levels

Fend off cyberattacks with a web application firewall

A web application firewall (WAF) offers the best possible protection for web applications, apps, and web interfaces. It analyzes HTTP traffic between clients and web servers and can respond directly to unusual behavior by blocking communication and fending off attacks. With a WAF, companies can protect their web applications against targeted attacks on weak points (operating systems, unpatched apps, applications with outdated libraries) before patches are delivered.

Run online applications – securely

Whether an online shop, a mobile app, or the supplier and manufacturer interfaces: services and applications accessible from the web constitute the public face of every company and make a very significant, often even decisive contribution to turnover. While classic security components protect the company network and the users, a WAF serves to protect these web applications and stands between the clients and the applications to be protected. It monitors all communication (Layer 7 – 99.9 percent of HTTPS sessions) and prevents dangerous, insecure, or unusual requests.

One of the main tasks of a WAF is to protect against the OWASP Top 10 – i.e., the list of the most common vulnerabilities, which is regularly updated by the highly regarded Web Application Security Project. These include injection attacks, fake authentication, interception of sensitive user data, cross-site scripting, and much more. In addition, the Advanced WAF from T-Systems offers effective protection against attacks from bot networks, against organized threat campaigns, and against encrypted and unencrypted layer 7 DDoS attacks. A WAF can be operated both on-premises in a company's data center and virtually (i.e., in the cloud). Both variants offer direct and indirect protection measures for the development as well as for the integration and operation of web applications.

Whitepaper: IT Security in the cloud age

Read more on new security requirements as part of the cloud transformation.

Main application areas for web application firewall systems

  • Full proxy for highly efficient protection of web applications, web servers, and APIs
  • Protective measures against attacks on web applications and APIs (OWASP Top 10)
  • Layer 7 protection against application-specific DDoS attacks
  • Credential protection and regulatory compliance
  • Fail-safe web applications protected against bots and botnets 
  • Compliance with the data security standards of the credit card industry
  • Recommended for web services such as SAP, SalesForce, etc.    

We look forward to your project!

We are happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitalization plans. Get in touch!

Do you visit t-systems.com outside of China? Visit the local website for more information and offers for your country.