SonicWall WAF Series
Web Application Firewall

What's New:

The next evolution of the product, SonicWall WAF 2.2 gains five significant new features and enhancements, including a new licensing model.

Real-Time Website Malware Prevention with Capture ATP Integration

With the increasing threat of malware, many websites are also at risk of advanced malware attacks like cryptojacking and the famous CTB-locker malware that targeted WordPress websites.

Malware is injected into websites through the use of vulnerable plugins or by using file-upload facilities available with many websites. SonicWall WAF now integrates with the Capture Advanced Threat Protection (ATP) sandbox service. It detects malware embedded in traffic streams by leveraging the industry-leading, multi-engine malware analysis platform, including Real-Time Deep Memory Inspection (RTDMI). Any attempts to inject or upload malicious files to a website would be inspected in-line (as opposed to after the fact) while maintaining an optimal user experience.

Simplifying Transport Layer Security, SSL Certificate Management with 'Let's Encrypt'

The biggest challenge for securing website communication is the need for legitimate SSL/TLS certificates for encryption and decryption. Legitimate certificates are expensive to purchase, manager, monitor and renew.

But with SonicWall WAF 2.2, organizations can take advantage of the Let's Encrypt service through a built-in integration that not only offers free certificates, but will also automatically monitor and renew digital certificates.

This eliminates the administrative effort to enable SSL/TLS required on the website to turn on support for SSL/TLS.

By combining Let's Encrypt integration, Perfect Forward Secrecy (PFS) and HTTP Strict Transport Security (HSTS), the SonicWall WAF ensures that websites are only accessible via a secured and encrypted channel, which also improves search engine visibility and ranking.

Seamless Multifactor Authentication Controls Access to Sensitive Content, Workflows

The most common cause of information leakage from websites stems from improper access control on websites, sometimes via unauthenticated pages and others because of the lack of strong authentication controls (remember the Equifax attack?).

With SonicWall WAF 2.2, administrators can redirect users to an authentication page for any part of the web application by leveraging an existing authentication page or with a WAF-delivered login page.

Administrators can also enforce second-factor authentication using client certificates or one-time passwords (OTPs) to validate users trying to log in to the web application are, indeed, genuine users.

API Support for Managed Cloud Service Providers

Cloud service providers often manage and host websites for their customers. In many cases, they leverage DevOps and programmable infrastructure using APIs to launch hosting environments, web application platforms and ready-to-use infrastructure. But if security is not embedded into these DevOps workflows, they leave gaping holes and become liable for website security.

With SonicWall WAF 2.2, administrators can automatically launch WAF virtual appliances and programmatically provision security for websites using scripts in DevOps workflows. This includes creating a web application to be protected, enabling exploit prevention, enabling Let's Encrypt Integration for free SSL/TLS support and enabling Capture ATP integration for malware prevention.

New Utility-based Licensing Model, An innovation for WAF Virtual Appliances

With SonicWall WAF 2.2, organizations may purchase protection on a per-website basis. This helps reduce the total cost of ownership (TCO) by purchasing only what they need. Four types of websites are currently supported based on the amount of data that is transferred to/from the website per month.

A sizing calculator will recommend the compute requirements for the WAF virtual appliance and will provide guidance to website administrators on what type of license they need to buy based on a variety of metrics like sustained/peak throughput, average visits per day etc.

SonicWall WAF helps administrators secure their websites and their digital environment, thereby establishing trust in their digital brand.

Features & Benefits:

Web Application Threat Management

• Shrink attack surface with full management and control of web application traffic
• Interrogate the behavior and logic of web communication beyond protocol activities
• Detect and alert on anomalies in web application behavior

Web Application Protection

• Protect against known and zero-day vulnerabilities with virtual patching and custom rules
• Defend against latest vulnerabilities and threats outlined by OWASP Top Ten
• Preserve web servers integrity and performance against application DoS/DDoS attacks

Data Leak Prevention (DLP)

• Prevent data theft via data masking and page-blocking techniques
• Bar attackers from gaining access to users' accounts and all accounts on web servers with precise access security controls

Accelerate Application Delivery

• Enable caching, compression and other HTTP/TCP optimizations to accelerate application delivery
• Reduce workload and boost performance by offloading SSL transactions
• Perform Layer-7 load balancing to distribute the load across clustered web servers

Additional Features:

Web Application Security

• OWASP Top 10 Protection
• CSRF Protection
• Cookie Tampering Protection
• Website Fingerprint Detection
• Sensitive Data Protection - Masking and Blocking
• Rate Limiting and DoS Protection
• Anti-evasive inspection
• Automatic Signature updates
• Web Application Profiling & Auto-Rule Generation
• Access Policies (using Geo, IP, URL or User)
• Custom Rules & Rule-chaining
• Custom Error response

Botnet Protection

• Geo-IP- and Threat Intel-based protection filtering
• Blacklisting and Whitelisting
• Blocking and Captcha-based Remediation Support

Secure Web Application Delivery

• Secure Web App. Offloading
• SSL Inspection & PFS
• Stacked Authentication (2FA, OTP, client-cert, etc.)
• Session Logout Timer
• Layer-7 Load Balancing
• Web App. Health Monitoring
• Web App. Acceleration -content caching, compression and TCP opt

Administration

• Customizable Web Portal with CLI Support
• Admin Authentication via AD/LDAP, RADIUS and Certificate
• Automatic Software Updates

Monitoring & Reporting

• SNMP Support
• Event / Audit Logging & Syslog
• Email alerts
• System monitoring & Diagnostics
• Threats Dashboard
• Health Dashboard
• PDF Report Exports

Platforms & Licensing

• VMWare & MS Hyper-V and AWS & MS Azure (BYOL)
• Subscription License based on capacity

Flexible, Customizable Deployment Options:

SonicWall WAF can be deployed on a wide variety of virtualized and cloud platforms for various private/public cloud security use cases. The WAF Series is available for deployment on the following platforms:

1. Private Cloud:
• VMware ESXi
• Microsoft Hyper-V
2. Public Cloud:
• Amazon Web Services (AWS)
• Microsoft Azure

MODEL	COMPUTE CAPACITY	RECOMMENDED AWS INSTANCE	RECOMMENDED MS AZURE INSTANCE
WAF 200	2 vCPU	C5.large	Standard_F2s_v2
WAF 400	4 vCPU	C5.xlarge	Standard_F4s_v2
WAF 800	8 vCPU	C5.2xlarge	Standard_F8s_v2
WAF 1600	16 vCPU	C5.4xlarge	Standard_F16s_v2

Specifications:

	WAF 200	WAF 400	WAF 800	WAF 1600
Supported Platform	VMware ESXi v6.5 Microsoft Hyper-V Manager 6.2 / 6.3 Amazon AWS Microsoft Azure
WAF Tier	Tier 1	Tier 2	Tier 3	Tier 4
SSL Transactions/sec	6,000	12,000	24,000	48,000
SSL Throughput	500 Mbps	1 Gbps	2 Gbps	4 Gbps
Recommended vCPUs*	2	4	8	16
Recommended Memory	4 GB	8 GB	16 GB	32 GB
Recommended Storage	8 GB	8 GB	8 GB	8 GB
Recommended AWS Instance	c5.large	c5.xlarge	c5.2xlarge	c5.4xlarge
Recommended Azure Instance	Standard_F2s_v2	Standard_F4s_v2	Standard_F8s_v2	Standard_F16s_v2

*This is based on typical enterprise-grade server systems. For more information, please see the Deployment Guides.

Documentation:

Download the SonicWall WAF Datasheet (.PDF)