Today at the RSA Conference, Qualys announced the availability of its QualysGuard Web Application Firewall (WAF) service for web applications running in Amazon EC2 and on-premise.
Deployed as a virtual image alongside web applications, the QualysGuard WAF can be set up and configured within minutes, enabling organizations to easily provide protection for their websites.
WAF technology shields websites by applying sets of rules to HTTP conversations to prevent them from being attacked, but the technology is typically costly and difficult to apply because the rules need to be updated often to cover application updates and to address changing threats.
The QualysGuard WAF cloud service provides rapid deployment of robust security for web applications with minimal cost of ownership, and it is constantly updated with new rules to keep up with application updates and newly emerging threats.
“Large organizations typically have thousands of web applications to protect, while smaller businesses don’t have the resources and IT staff to protect them,” said Philippe Courtot, chairman and CEO for Qualys. “The general availability our WAF service will offer customers the flexibility they need to protect their applications no matter where they reside and whether they have a few or thousands of them.”
QualysGuard WAF offers:
Easy, simple set-up. QualysGuard WAF is deployed as a virtual image alongside web applications. It can be set up and configured in minutes, requiring no equipment or admin resources or dedicated security staff to get set up and running.
Real-time application defense and hardening. QualysGuard WAF blocks attacks against websites in real time. The service provides a shield around coding defects, application framework flaws, web server bugs, and improper configurations.
Seamless, automatic updates, increasing security over time. Running on the QualysGuard Cloud Platform, the WAF service is updated automatically with new defenses from the Qualys research team, and the defense is activated intelligently according to specified policies – all without disrupting the websites or site visitors.
Centralized Cloud Management. Delivered via the QualysGuard Cloud Platform, WAF can be centrally managed from anywhere in the world via the QualysGuard console. It provides a clear dashboard showing timelines and geolocation graphs of events. The cloud platform also provides maximum efficiency by security events from all customers, with immediate rules deployment to all WAFs connected to it.
QualysGuard WAF is available for download as a VMware virtual image to protect web applications residing on premise within datacenters. Amazon Web Services (AWS) users can launch WAF appliances from an Amazon Machine Image (AMI) to gain real-time defense of their websites and applications running on Amazon EC2, protecting them against attack. QualysGuard WAF is sold as annual subscriptions starting $1,995 for small businesses and $7,995 for larger enterprises based on the number of web applications and virtual appliances.