Alibaba Cloud Web application firewall

A protection shield to ensure your services never shuts down

General firewalls, as it turns out, can only defend against attacks at the fourth layer, the transmission layer. However, packet attacks on Layer 7, the application layer, can leave the enterprise’s backend data open to theft and cause the site to shut down. For comprehensive protection, what is required is WAF! Protect your website’s backend data, control abnormal connection access, and even resist application-layer packet attacks—Microfusion’s WAF solution handles it all, ensuring that website services are not interrupted.

Enterprise Web Application Firewalls (WAF) help you prevent intrusion of malicious traffic

WAF, a Web Application Firewall, is like your website doorman—any visitor must be vetted before being allowed entrance to prevent intrusion of malicious traffic. And by preventing SQL injection, it can resist common attacks to ensure the security and availability of the website. WAF can effectively identify malicious characteristics within web traffic. After cleaning and filtering traffic, it will return normal and secure traffic to the original site to avoid problems such as malicious intrusion and service abnormalities. Microfusion can help enterprises check HTTP traffic through the six features of WAF and “website monitoring” mode. If traffic is found to be abnormal, it can be immediately eliminated, while normal traffic can enter.

Enjoy robust defense in just five minutes

No need to install software; no need to reconfigure the website—you just need to modify the DNS records to protect your website from potential cyberattacks.

Super-robust defense! The misjudgment rate is less than 1/100,000

Nearly a thousand built-in safety protection rules, with constant updates on the regulations each week. I. Through big data platform analysis, the overall misjudgment rate is controlled within 1/100,000.

Precise defense, proper diagnosis and treatment, supports most application scenarios

With precision defense, quickly filter malicious traffic, such as: Protecting the management backend, blocking malicious IPs, and whitelisting specific URLs. Supports a variety of common HTTP protocols, decodes common encodings, and has detection capabilities in complex environments; it is thus suitable for all cloud users.

Enriches the database and establishes credibility for the website

Security analysis is performed on billions of pieces of data every day; extraction rules are synchronized to all users for collaborative defense. Constantly adds to the malicious IP database and malicious sample database through the big data analysis, and establishes credibility for the website. One billion times per day of data traffic is analyzed for security; information is extracted and synchronized to users for collaborative defense. With ever-expanding data, the number of samples in the database is expanded and robust website credibility is established.

Detect attacks within milliseconds, and use the most immediate protection

Attacks are detected and protection takes effect within one millisecond. New protection rules can be synchronized globally within one minute, covering the security risks reported in OWASP Top 10.

High reliability, high availability

Fully automatic detection means no need for manual intervention. THe WAF automatically responds with real-time protection and attack strategies through its rich database. The cleaning service has an availability of up to 99.99%, allowing users to avoid service interruptions.

How it works

Alibaba Cloud-WAF Achitecture

In this scenario, the user accesses the website service through the URL. WAF analysis and judgment is performed within to avoid malicious attacks. Normal connection behavior is directed to the original site backend; malicious behavior is filtered and blocked.