Citrix NetScaler AppFirewall WAF

Citrix NetScaler AppFirewall WAF
Citrix NetScaler AppFirewall
Home — PartnersCitrix — Citrix NetScaler AppFirewall WAF

Defend your network from all threats with Citrix NetScaler AppFirewall. The Citrix NetScaler AppFirewall is a best-of-breed web application firewall (WAF) that protects web applications and sites from both known and unknown attacks, including all application-layer and zero-day threats. Available as a standalone appliance or integrated within the Citrix NetScaler ADC platform, Citrix NetScaler ADC is rated as the price/performance WAF leader by NSS Labs. Simplified configuration controls further mitigate risk, and Citrix Pay-As-You-Grow pricing allows you to invest based on your current needs, then scale up later at your convenience. The Citrix NetScaler AppFirewall averages a 99.8% Block rate. It has the lowest TCO — up to 60% lower cost compared to other WAF vendors in the market today. See why NSS Labs Recommends Citrix NetScaler ADC. Simplifies desktop management. Protects online revenue sources. Ensures up time of web sites and web services by defeating Layer-7 Denial of Service (DoS) attacks.

Citrix NetScaler ADC is a comprehensive ICSA certified web application security solution that blocks known and unknown attacks against web and web services applications. Citrix NetScaler ADC enforces a hybrid security model that permits only correct application behavior and efficiently scans and protects known application vulnerabilities. It analyzes all bi-directional traffic, including SSL encrypted communication, to protect against a broad range of security threats without any modification to applications. Citrix NetScaler ADC technology is included in and integrated with Citrix NetScaler MPX and VPX, Platinum Edition, and is available as an optional module that can be added to NetScaler MPX appliances running NetScaler Enterprise Edition. Citrix NetScaler ADC is also available as a stand-alone solution on seven Citrix NetScaler MPX appliances. The stand-alone Citrix NetScaler ADC models can be upgraded via software license to a full Citrix NetScaler Application Delivery Controller (ADC).


Flexibility To Adapt To Changing Business Requirements

NetScaler AppFirewall permits flexible, stepwise deployment of web application protection. The default web application protection profile defends against the most common dangerous threats and adds full protection against both data theft and Layer-4 through Layer-7 DDoS attacks. The advanced web application protection profile adds session-aware protections to protect dynamic elements, such as cookies, form fields and session-specific URLs. Attacks that target the trust between the client and server including cross—site request forgery are stopped; requests are validated by checking for a unique ID inserted by NetScaler. Citrix NetScaler ADC enforces both positive and negative security models to ensure correct application behavior. Such protection is imperative for any application that processes user-specific content, such as an e-commerce site. To make sure these security measures are compatible with any application, Citrix NetScaler AppFirewall learning capabilities help the administrator create managed exceptions and relaxations when the application’s intended — and legal behavior might otherwise cause a violation of the default security policy.

Citrix NetScaler AppFirewall — Defeating XML Threats

In addition to detecting and blocking common application threats that can be adapted for attacking XML-based applications (i.e. cross-site scripting, command injection, etc.), Citrix AppFirewall includes a rich set of XML-specific security protections. These include schema validation to thoroughly verify SOAP messages and XML payloads, and a powerful XML attachment check to block attachments containing malicious executables or viruses. Automatic traffic inspection methods block XPath injection attacks on URLs and forms aimed at gaining access. Citrix NetScaler AppFirewall also thwarts a variety of DoS attacks, including external entity references, recursive expansion, excessive nesting and malicious messages containing either long or a large number of attributes and elements. In addition, Citrix NetScaler ADC prevents the inadvertent leakage or theft of sensitive information, such as credit card numbers or custom-defined data objects, by either removing or masking content from application responses — before being publicly disclosed. Delivers PCI DSS v.3.1 compliance.

PCI Compliance And Auditing

With payment card fraud at an all-time high, secure payment card standards have never been more crucial. Yet since the adoption of version 3.0 of the Payment Card Industry Data Security Standard (PCI DSS), organizations have been struggling to meet its hundreds of requirements. And even full compliance with these standards may not protect networks from advanced cyber threats. Citrix has a powerful yet affordable solution. Citrix NetScaler ADC aids corporate IT security teams in conforming to governmental privacy regulations and industry mandates. For example, organizations subject to Payment Card Industry Data Security Standard requirements can now fully meet the requirements detailed in PCI DSS Section 6.6, which mandates the installation of web application firewall in front of public facing applications as  one method of maintaining a proper security posture. Protects credit and debit card account numbers to comply with the Payment Card Industry Data Security Standards.
Citrix NetScaler AppFirewall
[TABS_B id=19219]