Web Application Firewall (WAF)
Enterprise-class Web Application Firewall.
- Ability to meet appliance PCI DSS requirements
- Protection against all OWASP Top 10 and / or PCI DSS Requirement 6.5
- Ability to allow, alert or block web application input based on rules
- Prevent data leakage or cardholder information
- Enforce both whitelisting and blacklisting
- Inspect all web page content, e.g. HTML, DHTML, CSS over HTTP/HTTPS
- Inspect web services messages, e.g SOAP and XML
- Defend against direct threats to the Web Application Firewall
- Support SSL or TLS termination
Zenedge Web Application Firewall (WAF) service is a PCI DSS Compliant robust solution and can be utilized for our customers to comply with PCI DSS by making Requirement 6.6 easy and stress-free for your team. PCI requirement6.6 was designed to directly address the threat against Ecommerce web applications and in general applications capturing credit card numbers. A Web Application Firewall wil not only provide an extra layer of protection against software vulnerabilities that may be inadvertenltly created by the web development tem, but also any inherent software vulnerabilities that may be built into the vendor web application itself, especially zero-day vulnerabilities where the vendor does not have a patch released yet. As a bonus, it’s all that’s required to satisfy PCI DSS 6.6.
Cloud based, Network Layers 3,4,7. Can do website vulnerability assessments, have template for presenting results.
Unified Security Service
Censornet USS enables you to monitor and control Web, Email and Cloud Application use to provide complete security for your organisation from one dashboard.
- Cloud Application Visibility
- Cloud Application Control
- Safe anywhere on any device
- Safe Web Access
- Email Security
- Safe from Malware
- Analytics across email, web and applications
- Fast and Unobtrusive
Censornet USS enables you to monitor and control Web, Email and Cloud Application use to provide complete security for your organisation from one dashboard. You can protect your employees, whether in the office or mobile, against cyber-attacks, and accidental or malicious leaks of sensitive data. Keeping your organisation safe from from the risks associated with the rapid growth in cloud applications, and the emergence of Shadow IT. USS is a comprehensive cyber security service that combines modules for the security, monitoring and control of web, email and cloud application across your network in one dashboard and logging service, meaning that common policies can be easily applied and incidents tracked across different media. USS provides the security and control of an on-premise or end point component with the flexibility and mobility of a cloud service. It is the next generation in Email and Web security with Cloud Application Control giving you the power to extend web access policies to Bring Your Own Device initiatives and to monitor and control Shadow IT.
- Software for Networks
- Available as a downloadable software, CensorNet’s Cloud Gateway software can be deployed on a virtual server or physical server in less than 30 minutes to extend security policies to the entire network
- Agent Software for Roaming Users or Standalone Devices
- Microsoft Windows agent that enforces policies on the device. Tamper proof and simple to deploy either with an install wizard or scripted via Active Directory Group Policy. Mac OS X version will be available soon.
- Secure Browser for iOS
- A secure browser app for iOS6 and above provides an alternative to Safari which extends the web access controls to the mobile device
- Highly optimised for large networks, the solution takes advantage of multiple processors, all available RAM and has a 64-bit architecture
- Deployment Modes
- Agent software, Direct proxy (set by group policy, WPAD or manually), or gateway mode for guest, BYOD or non-domain devices
- WPAD Support
- Automatic creation of Web Proxy Automatic Discovery (WPAD) file based on network configuration
- BYOD Captive Portal
- The Captive Portal allows existing users or guests to adopt BYOD and log in from those devices with valid user credentials e.g. Active Directory