Latest version of visionary WAF delivers added flexibility, improved safeguards for sensitive data and protection for cloud-based apps.
Cybersecurity expert Positive Technologies has today announced a new version of its web application firewall solution, PT Application Firewall (PT AF). The new version is easier to deploy and configure in a wide-range of enterprise scenarios, as well as featuring improved protection for end-users’ sensitive data.
“We always try to keep focused on the evolving needs of the customer to stay abreast of the ever-shifting security landscape,” says Dan Tara, Executive VP Positive Technologies. “There is a clear gap in the market for solutions which are easy to deploy and manage, and this release makes PT AF as adaptable as possible. This starts from the very beginning with easier installation and continues through every-day operation, ensuring PT AF helps clients comply with best protection practices. PT Application Firewall can now be more easily extended to multiple apps and used with less interruption to business processes, allowing organizations to calmly do business while being sure of deep, continuous, and controllable protection for their data.”
The key PT Application Firewall updates include:
- Quick and easy deployment. Now organizations can rapidly connect PT AF to their IP networks without making any configuration changes. This is possible thanks to new deployment models: Bridge L2 and Transparent proxy. In the Bridge L2 model, PT AF detects intrusion attempts so that administrators can monitor them clearly and in a timely manner. Transparent Proxy mode provides administrators with the option to simply detect malicious traffic or to automatically and immediately block such suspect activity. An important new feature here is the ability to instantly switch between models via the web-interface in a single click.
- Smart and flexible configuration. To make life even easier and safer, PT AF introduces a new approach to setting security policies. Based on continuous research, Positive Technologies’ experts have created security policy templates that are instantly available in the product. Administrators can pick, setup and create required policies in a variety of new ways: including by level of security, a general policy for multiple apps, individual policies for each separate application, or even for the particular parts of an app. Moreover, settings can be saved and reused for new sites, while retaining changes made to the original. This offers significant savings in administration time and effort and gives organizations efficient and granular fine-tuning of their protection, ensuring security that’s better tailored to each particular use case.
- Improved usability. PT AF set-up has been simplified to reduce time-to-launch. Instead of executing multiple commands, administrators can now use convenient configuration wizard, allowing them to quickly finalize deployment settings. Automatic detection of protected applications means administrators no longer have to remember all servers and IP addresses while utilizing Transparent Proxy, Bridge and SPAN deployment modes––everything is detected automatically. This feature also provides the flexibility to manage (filter, sort, save, etc.) protected resources, making every-day administration tasks much less labor-intensive.
The following improvements are also available:
- Advanced support for critical application availability. Security is essential, but for many organizations it is also crucial to provide a constant service for end users. PT AF administrators can now maintain normal app operations, even if minor defects are detected. By modifying server responses within PT AF, they can keep the app running normally for end-users while defects are fixed on the backend.
- Protection in public clouds. As enterprises increasingly rely on cloud-based solutions, security needs to adapt to related threats. PT AF is now available in the public cloud via the Microsoft Azure platform with a bring-your-own-license model. Applications can now enjoy a high level of protection, wherever they are placed.
- Improved Check Point integration including single-view capabilities. The integration between PT AF and Check Point firewalls benefits from a new option to send incident and attack data from PT AF to the Check Point SmartCenter. This allows security events from both devices to be synchronized and correlated in a smart manner, providing more accurate attack detection.
- Maximum confidentiality for end-user data. To enhance protection for application users, administrators can now create special rules to detect sensitive end-user data such as payment card numbers, passport data, insurance details etc. Further rules can be used to mask this information from third parties, or even from administrators using PT AF itself. Future releases will include pre-configured data masking rules for instant deployment.
“This update makes great strides towards meeting critical market needs, says Dan Tara. “We’ve put a huge amount of work into radically improving ease of deployment and usability. Many processes that were formerly more complicated and time-consuming have been simplified and automated. Of course, industry needs don’t stand still. So there’s always room for improvement in protection capability, integration and user-friendliness. We continue to move forward in each of these directions to ensure we confidently meet real market challenges with each new product version.”