Managed WAF

Secure eCommerce with a Managed WAF.

The Web Application Firewall (WAF) service is a solution dedicated to web application protection, enabling monitoring, filtering and control of http/https traffic.

Due to its attractive price, it is an ideal solution for eCommerce websites, where ensuring operational continuity not only enables order processing but also shows the company’s credibility.

Bezpieczny eCommerce

Scope of operation

WAF can occur both in the form of a dedicated device and a virtual machine.

Isolates applications from the Internet
Analyzes two-way http / https traffic
Detects and blocks malicious inquiries to applications
Works on the basis of static rules as well as reputation mechanisms

How it works


of packages

PLN netto

Bronze package

  • Protection of bandwidth up to 50Mbit/s
  • Protection for up to 5 applications
  • 1 configuration change per month
  • 30 offline log retention

Silver Package

  • Protection of bandwidth up to 100Mbit/s
  • Protection for up to 10 applications
  • Up to 3 configuration changes per month
  • 0 days of offline log retention
  • Up to 5 extended rules

Gold Package

  • Protection of bandwidth up to 200Mbit/s
  • Protection for up to 15 applications
  • Up to 5 configuration changes per month
  • 90 days of offline log retention
  • Up to 10 extended rules
  • Manual system optimization
  • Acceptance testing

Scope of service

  • Startup

    The service is configured and launched based on the guidelines you specify (items to be whitelisted and blacklisted) and is tailored to the specifics of your sites.

  • Maintenance

    The service is monitored and administered by T-Mobile’s SOC 24/7/365, and includes regular reporting and technical support.

  • Support

    The service also includes backup of WAF configuration, log retention and a possibility to extend the service to monitoring and responding to incidents detected by WAF, as well as web application penetration tests.

Each of the stages is carried out by a qualified team of T-Mobile experts specializing in IT security


  • The fastest WAF on the market na rynku

    Throughputs from 25Mbps to 20GBps

  • Vulnerability scanner

    Built-in vulnerability scanner and integration with third-party scanners

  • Unique solution

    Protection against SQL Injection, eliminating false positives and false negatives (based on SQL syntax, not signatures)

  • Protected bandwidth (to/from applications)

    Up to 200Mbit/s

  • FortiView

    Built-in visualization of all WAF components in one place, without the need to buy and install separate environments

  • Machine Learning

    Innovative machine learning technology to minimize false positives.

  • Loadbalancing

    L7-based content and SSL hardware acceleration.

  • Provisioning model

    • Central (virtual machine created in T-Mobile Data Center and managed by SOC)
    • Local (physical device installed in the client’s location, managed by VPN and SOC)

Protection against threats

The application firewall protects websites against attacks that use vulnerabilities described, among others, on the OWASP TOP 10 list.

These include:

  • Code injection.
  • Flawed authentication.
  • Exposure (compromise) of sensitive data.
  • Flaws in applications that parse XML files (XML eXternal Entity).
  • Errors in access control mechanisms.
  • Errors in security configurations.
  • Cross-Site Scripting (XSS).
  • Unsecured deserialization mechanisms.
  • Use of software containing known vulnerabilities.
  • Insufficient monitoring and logging.

Product benefits

Operational continuity

Certainty of uninterrupted operation and availability of the organisation's website

Compliance with regulations

Compliance with the requirements of legislation, standards and norms (including PCI DSS - for companies that process card payments

Data security

Increased security of databases containing e.g. payment, personal or medical data

Comprehensive service

Start-up, maintenance and management of the service by T-Mobile specialists

Full outsourcing

No need to employ a person responsible for web application security

Test it for free

In order to convince you of the effectiveness of the Managed WAF, we give you the opportunity to test the service before you decide to implement it

Do you have questions or need an offer?

Write to our Business Advisor
How can we help you?