WAPPLES

The Logical Web Application Firewall

WAPPLES is the top Web Application Firewall (WAF) choice for customers.

The unique intelligent security engine (COCEP) of WAPPLES can block even unknown attacks, and provide accurate detection with low false positive rates. With all of its security features, it provides the best performance. With easy security settings and operational convenience, WAPPLES leads the popularization of the web application firewall with a broad range of customers.

OWASP Top 10(2013)Network FirewallIDS / IPSWAF
A1: Injection
A2: Broken Authentication and Session Management
A3: Cross Site Scripting(XSS)
A4: Insecure Direct Object References
A5: Security Misconfiguration
A6: Sensitive Data Exposure
A7: Missing Function Level Access Control
A8: Cross Site Request Forgery(CSRF)
A9: Using Components with Known Vulnerabilities
A10: Unvalidated Redirects and Forwards
*OWASP Top Ten Web Application Security Vulnerabilities (2013)

The WAPPLES product family includes the appliance-type WAPPLES, WAPPLES MS, which is an consolidated management system  for several WAPPLES, and WAPPLES V-Series, on a virtual appliance.

In addition, WAPPLES Management Portal (WMP) can monitor the management target WAPPLES in real time, allowing management of the environment in a simple and efficient way. The expected effects are simple:

web application firewall equation in yellow and orange

WAPPLES, as a web application firewall, copes against key web attacks, including SQL Injection, to maintain the security of the environment

  • As an information leakage protection solution, it can satisfy compliance issues, including the privacy protection act

  • As an illegal login prevention solution, it can prevent unauthorized logins through access control, ensuring security of network and data

  • As a website forgery and manipulation prevention solution, it can cope with these types of attacks to websites and DBs, ensuring security

Product Features

WAPPLES_정면_썸네일

  • Installed with the logic detection engine (COCEP)
  • Provides a policy-based security setting
  • Prevents leakage of personal information
  • Policy-based Setting
  • Convenient dashboard feature
  • Simple and easy security settings with a GUI-based setup wizard
  • Searches logs by period/source/URI/country
  • Sends logs in an Excel format and supports backup/deletion/recovery of logs
* COCEP: Contents Classification and Evaluation Processing

Features

High security without incorrect detection

With the intelligent engine COCEP*, it can detect manipulated attacks and unknown attacks immediately. Provides accurate detection through semantic analysis and heuristic attack method analysis. Blocks the DDoS at the application level. Provides accurate personal information verification and blocking by using the verification mechanism (Luhn algorithm: ISO/IEC7812).
* COCEP: Contents Classification and Evaluation Processing
wapples features

Stable and high performance

Provides high performance by optimizing attack detection. Provides high-performance processing by adopting In-Memory Computing technology. Maintains high performance at the high-level security detection setting. Allows expansion of bandwidth by supporting bonding.
Supports various network environments. (EtherChannel, Multi-Segment, VLAN, etc.)

Easy and convenient security management

Installable without changing the existing network environment. A GUI-based setup wizard allows easy and convenient security setup. Applies security features by registering in the Web server and domain.

Supports various web environments

Supports various network environments, including Inline, Reverse Proxy, Transparent Proxy, and HA. Provides various product lineups for small-/mid-/large-scale web service environments.

Product Specifications

Value Class

ModelWAPPLES-50WAPPLES-100WAPPLES-500
Appearanceintelligent waf wapples 50intelligent waf, wapples 500wapples-500
HardWare
Type1U1U1U
Memory4 GB4 GB8 GB
HDD160 GB500 GB500 GB

Performance Class

ModelWAPPLES-1200WAPPLES-2200
Appearancewapples-1200wapples-2200
HardWare
Type2U2U
Memory8 GB16 GB
HDD1 TB1 TB
SSD128 GB128 GB

High-End Class

ModelWAPPLES-5200WAPPLES-10000
Appearancewapples-5200_newwapples-10000_new
HardWare
Type2U2U
Memory24 GB32 GB
HDD1 TB1 TB
SSD128 GB128 GB

Product Configuration

Configuration Example of Inline Mode

Configuration Example of Proxy Mode

Implementation Procedure

When adopting WAPPLES, it is important to set the optimized policy according to various customer environments. WAPPLES is installed and set after pre-examination of the customer environment for analysis. After installation, the detection logs are analyzed during the monitoring period, and the policy is optimized according to the analysis result to complete the final implementation.

1

Pre-Inspection

Pre-inspection

2

Install and Configuration

  • WAPPLES installation
  • WAPPLES configuration
  • Operation test and demonstration

3

Supplement Policy

  • Detection log analysis
  • Analysis report
  • Policy modification