Secure eCommerce with a Managed WAF.
The Web Application Firewall (WAF) service is a solution dedicated to web application protection, enabling monitoring, filtering and control of http/https traffic.
Due to its attractive price, it is an ideal solution for eCommerce websites, where ensuring operational continuity not only enables order processing but also shows the company’s credibility.
How it works
- Protection of bandwidth up to 50Mbit/s
- Protection for up to 5 applications
- 1 configuration change per month
- 30 offline log retention
- Protection of bandwidth up to 100Mbit/s
- Protection for up to 10 applications
- Up to 3 configuration changes per month
- 0 days of offline log retention
- Up to 5 extended rules
- Protection of bandwidth up to 200Mbit/s
- Protection for up to 15 applications
- Up to 5 configuration changes per month
- 90 days of offline log retention
- Up to 10 extended rules
- Manual system optimization
- Acceptance testing
Scope of service
The service is configured and launched based on the guidelines you specify (items to be whitelisted and blacklisted) and is tailored to the specifics of your sites.
The service is monitored and administered by T-Mobile’s SOC 24/7/365, and includes regular reporting and technical support.
The service also includes backup of WAF configuration, log retention and a possibility to extend the service to monitoring and responding to incidents detected by WAF, as well as web application penetration tests.
Each of the stages is carried out by a qualified team of T-Mobile experts specializing in IT security
The fastest WAF on the market na rynku
Throughputs from 25Mbps to 20GBps
Built-in vulnerability scanner and integration with third-party scanners
Protection against SQL Injection, eliminating false positives and false negatives (based on SQL syntax, not signatures)
Protected bandwidth (to/from applications)
Up to 200Mbit/s
Built-in visualization of all WAF components in one place, without the need to buy and install separate environments
Innovative machine learning technology to minimize false positives.
L7-based content and SSL hardware acceleration.
- Central (virtual machine created in T-Mobile Data Center and managed by SOC)
- Local (physical device installed in the client’s location, managed by VPN and SOC)
Protection against threats
The application firewall protects websites against attacks that use vulnerabilities described, among others, on the OWASP TOP 10 list.
Exposure (compromise) of sensitive data.
Flaws in applications that parse XML files (XML eXternal Entity).
Errors in access control mechanisms.
Errors in security configurations.
Cross-Site Scripting (XSS).
Unsecured deserialization mechanisms.
Use of software containing known vulnerabilities.
Insufficient monitoring and logging.