Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
PDF Reporting for WAF Monitoring and PCI DSS 6.5 and 6.6 Compliance
PDF reporting is introduced for Web Application Firewall Monitoring and PCI DSS 6.5 and 6.6 Compliance. You
can generate the reports on the Web Application Firewall > Status page. The time line for generating the data
published in the reports is configurable on the Web Application Firewall > Monitoring page.
Benefits of Web Application Firewall
Web Application Firewall is secure and can be used in various areas, including financial services, healthcare,
application service providers, and e-commerce. Secure Mobile Access uses SSL encryption to encrypt data
between the Web Application Firewall and the client. Secure Mobile Access also satisfies OWASP cryptographic
storage requirements by encrypting keys and passwords wherever necessary.
Companies using Web Application Firewall can reduce the development cost required to create secure
applications. By signing up for Web Application Firewall signature updates, they can also cut out the huge
turnaround time involved in deploying a fix for a newly found vulnerability in every Web application.
Resources accessed over Application Offloaded portals and HTTP(S) bookmarks can be vulnerable for a
variety of reasons, ranging from badly designed architecture to programming errors. Web Application Firewall
provides an effective way to prevent a hacker from exploiting these vulnerabilities by providing real-time
protection to Web applications deployed behind the SMA/SRA appliance.
Deploying Web Application Firewall at the SMA/SRA appliance lets network administrators use application
offloading even when it exposes Web applications needing security to internal and remote users. Application
offloading avoids URL rewriting, which improves proxy performance and functionality.
There are several benefits of integrating Web Application Firewall with SMA/SRA appliances. Firstly,
identity-based policy controls are core to Web Application Firewall and this is easily achievable using Secure
Mobile Access technology. Secondly, there are lower latencies because of the existing hardware-based SSL
offloading. Most importantly, SMA/SRA appliances run Web applications and must be protected from such attacks.
As small businesses adopt hosted services to facilitate supplier collaboration, inventory management, online
sales, and customer account management, they face the same strict compliance requirements as large
enterprises. Web Application Firewall on an SMA/SRA appliance provides a convenient, cost-effective solution.
Web Application Firewall is easy to configure in the Secure Mobile Access management interface. The
administrator can configure Web Application Firewall settings globally, by attack priority, and on a per-signature
basis. After custom configuration settings or exclusions are in place, you can disable Web Application Firewall
without losing the configuration, allowing you to complete maintenance or testing and then easily re-enable it.
How Does Web Application Firewall Work?
To use the Web Application Firewall feature, the administrator must first license the software or start a free
trial. Web Application Firewall must then be enabled on the Web Application Firewall > Settings page of the
Secure Mobile Access management interface. Web Application Firewall can be configured to log or block
detected attacks arriving from the Internet.
The following sections describe how Web Application Firewall and SMA/SRA appliances prevent attacks such as
Slowloris or those listed in the OWASP top ten, how Web Application Firewall protects against information
disclosure, and how other features work:
• How are Signatures Used to Prevent Attacks?
• How is Cross-Site Request Forgery Prevented?
• How is Information Disclosure Prevented?
• How are Broken Authentication Attacks Prevented?
• How are Insecure Storage and Communications Prevented?
• How is Access to Restricted URLs Prevented?
• How are Slowloris Attacks Prevented?
•