Qualys will release the beta of its new cloud WAF solution as an Amazon Machine Image (AMI) and as a VMware virtual image for on-premise deployments starting August 1.
Qualys’ new WAF service is delivered through the multitenant, highly scalable QualysGuard Cloud Platform, providing customers centralized management capabilities, distributed protection and ease-of-use, whether applications are running on premise or in the cloud.
WAFs work by shielding web sites by applying a set of rules to HTTP conversations to prevent them from being attacked. However, WAF technology is costly and complex to apply because these rules need to be customized to the applications, and they must be updated often to cover changes to the applications and to address new and emerging threats. As a result, many organizations cannot afford to deploy WAFs, or they can only deploy them on a select number of mission critical web properties.
The new QualysGuard WAF is designed to provide:
- Real-time application defense, blocking attacks against websites as they happen.
- Application hardening, minimizing application attack surfaces by providing a shield around coding defects, application framework flaws, web server bugs and loose configurations.
- Low-cost, automated service maintained and updated by Qualys’ security experts providing new defenses and features transparently to users and site visitors.
- A multitude of deployment options for distributed WAF protection points managed through a common, central policy administration and reporting interface with APIs for integration.
Customers using WAF will experience benefits including:
- Always up-to-date rules.
- Immediate rules deployment on all WAFs connected to QualysGuard.
- Maximum efficiency as rules are strengthened with security events from all WAF customers.
- In-cloud or on-premise web site protection, with a SaaS platform providing centralized management for distributed WAF virtual appliances.
“Qualys is committed to delivering powerful, effective cloud solutions that remove the cost and complexity associated with IT security and compliance, and we are excited to provide an affordable, automated solution with our next generation WAF,” said Philippe Courtot, chairman and CEO for Qualys. “The debut of our WAF service in beta for Amazon EC2, as well as with an on-premise virtual appliance image, will offer customers the flexibility they need to protect their applications no matter where they reside.”