WAF » Web Application Firewall
Is your corporate website a static collection of HTML pages? Of course not. Most modern enterprise websites are now complex portals with dynamic widgets that call back end applications and present consolidated information to consumers: customers, partners and employees.
Legacy Web Application Firewalls (WAFs) serve a strong role in protecting enterprises against threats for simple static HTML pages. However, dynamic portals and websites that generate HTML, XML, JSON, SOAP, and RESTful traffic require Forum Sentry WAF, the next-generation Web Application Firewall, to protect content generated by sophisticated enterprise portals. Legacy Web Application Firewalls cannot protect complex traffic patterns generated by dynamic web portals.
FORUM SENTRY Web Application Firewall
SECURE HTML, XML, JSON TRAFFIC
Looking for Forum XWall? XML Firewall features are now included with Forum Sentry.
Sentry WAF » Appliance
Forum Systems WAF allows enterprises to achieve a higher return on investment by implementing secure, scalable service-oriented architectures and event-driven portals. Our rack-mount appliance offers a 64-bit multiprocessor with a crypto accelerator and an optional FIPS Level III HSM. If your portal is built using dynamic widgets that generate HTML, JSON, XML, and SOAP traffic, you need a Forum Sentry WAF for comprehensive security.
Forum WAF provides the following advantages to enterprises:
UNIFIED HTML & XML ARCHITECTURE
- Centralized threat mitigation security for HTML, XML, SOAP protection across SOA and RESTful transactions
- Unified root-cause analysis for HTML and XML messages
- Strong Identity Management and Mediation
- Broad support beyond HTTP into enterprise protocols including Tibco EMS, IBM MQ, JMS, FTP, SMTP
- Reduce Appliance Fatigue through combining HTML and XML protection
COMPREHENSIVE SECURITY PROTECTION
- Defense against SQL Injection, Cross Site Scripting, Cookie Poisoning
- Address OWASP Top 10 for HTML and XML traffic
- Defense against XML Schema Poisoning, XML Bombs, Malware via Attachments, SQL Injection, Routing Detours. See full list of XML Protection
- Cryptographically accelerated Signature, Encryption and SSL security
- Native Protocol support for HTTP(S), Tibco EMS, IBM MQ, JMS, FTP, SMTP
- Stateful Request and Response message processing
AUTHENTICATION & AUTHORIZATION
- HTTP Basic Authentication
- SSL X.509 Certificate Authentication
- Security Assertion Markup Language (SAML)
- WS-Security (User Name Token, X.509 Certificates and SAML)
- Vendor Identity Plug-ins: SiteMinder, Oracle Access Manager, WS-Trust, XACML
- Network, REST and WSDL message level Access Control
CENTRALIZED VISIBILITY & CONTROL
- Consolidated transactional logs across HTML, JSON, SOAP, XML messages
- RDBMS archiving for compliance Audits
- Syslogs, SNMP, parsable logs
- Policy-based fine-grain and coarse-grain controls
- SLA Monitoring, rate-based Throttling across transaction types
PROTOCOL & DATA-LEVEL SECURITY POLICIES
- HTTP, JMS, MQ Header Inspection
- WSDL Operation and URI filtering
- Content filtering using XPath and regular expressions
- Digital Signatures and Encryption
- Composite Schema Validation
- Antivirus attachment scanning
SPECIFICATIONS
- HTML, JSON, XML, SOAP
- WSDL, XSLT, XSD Schema, DTD, XPath, UDDI
- XML Digital Signature, XML Encryption, WS-Encryption, WS-Digital Signature
- WS-Trust, WS-Policy, XACML
- WS-I Basic Profile
- WS-Security Token Profiles
- PKCS, CRL, XKMS
Sentry WAF » Software
Forum Web Application Firewall is also available in a software form factor for Windows, Linux, and Solaris operating systems. The feature set is the same as that of the appliance form factor, with the exception of FIPS hardened key storage and hardware-based cryptographic acceleration for signature, encryption, and SSL.
Sentry software features include:
UNIFIED HTML & XML ARCHITECTURE
- Centralized threat mitigation security for HTML, XML, SOAP protection across SOA and RESTful transactions
- Unified root-cause analysis for HTML and XML messages
- Strong Identity Management and Mediation
- Broad support beyond HTTP into enterprise protocols including Tibco EMS, IBM MQ, JMS, FTP, SMTP
- Reduce Appliance Fatigue through combining HTML and XML protection
COMPREHENSIVE SECURITY PROTECTION
- Defense against SQL Injection, Cross Site Scripting, Cookie Poisoning
- Address OWASP Top 10 for HTML and XML traffic
- Defense against XML Schema Poisoning, XML Bombs, Malware via Attachments, SQL Injection, Routing Detours. See full list of XML Protection
- Cryptographically accelerated Signature, Encryption and SSL security
- Native Protocol support for HTTP(S), Tibco EMS, IBM MQ, JMS, FTP, SMTP
- Stateful Request and Response message processing
AUTHENTICATION & AUTHORIZATION
- HTTP Basic Authentication
- SSL X.509 Certificate Authentication
- Security Assertion Markup Language (SAML)
- WS-Security (User Name Token, X.509 Certificates and SAML)
- Vendor Identity Plug-ins: SiteMinder, Oracle Access Manager, WS-Trust, XACML
- Network, REST and WSDL message level Access Control
CENTRALIZED VISIBILITY & CONTROL
- Consolidated transactional logs across HTML, JSON, SOAP, XML messages
- RDBMS archiving for compliance Audits
- Syslogs, SNMP, parsable logs
- Policy-based fine-grain and coarse-grain controls
- SLA Monitoring, rate-based Throttling across transaction types
PROTOCOL & DATA-LEVEL SECURITY POLICIES
- HTTP, JMS, MQ Header Inspection
- WSDL Operation and URI filtering
- Content filtering using XPath and regular expressions
- Digital Signatures and Encryption
- Composite Schema Validation
- Antivirus attachment scanning
SPECIFICATIONS
- HTML, JSON, XML, SOAP
- WSDL, XSLT, XSD Schema, DTD, XPath, UDDI
- XML Digital Signature, XML Encryption, WS-Encryption, WS-Digital Signature
- WS-Trust, WS-Policy, XACML
- WS-I Basic Profile
- WS-Security Token Profiles
- PKCS, CRL, XKMS





