2. Intelligent
No.1 in Korean
Web Application Firewall Market
When it comes to web application firewall, WAPPLES is it!
WAPPLES is the web application firewall(WAF) selected by most customers. Its unique and original
smart security engine cuts off even unknown attacks, performs precise and perfect detection, and
delivers the best performance even with all types of embedded security functions. With its easy security
setup and convenience of operation, WAPPLES is leading the popularization of web application firewall
and securing a broad range of customers.
>>
Immediate detection of mutated attacks by embedded smart engine
Perfect detection,
Precise detection through the analysis of attack techniques
high-level security
Prevents false-positive detection through logical multi-detection techniques
Delivers consistent
high performance >> Delivers high performance through optimized attack detection
Maintains high performance in high-level security environments
>>
Installation without changing the existing system
Easy and convenient Intuitive security setup using the setup wizard
security control Integrated control of a number of web application firewalls (optional)
>>
Supports various network environments including
inline/reverse proxy/monitoring/High Availability(HA) configuration, etc.
Support for various
web environments Provides a lineup of various products
for small-/medium-/large-scale web service environments
Item Logical Analysis Method (WAPPLES) Pattern Matching Method (other firewalls)
Detection Analyzes, assesses, and judges the types of attacks Judges the signs of attack by comparing whether or
through the logical analysis engine embedded in not they correspond to the pattern registered by
method
the product the Manager
Detection Selects pre-established policies such as recommended The Administrator has to register the patterns per
setup policies or controls by setting the level of 26 rules individual attack, or expert updating service is required.
No change in performance due to security setup
Detection As the number of patterns increases, performance
Maintains the same performance in test and
performance continues to deteriorate.
actual operation environments
Response to Immediately cuts off a mutated attack through Cutting-off is activated only after registering the new
mutated attacks the analysis of its core mechanism attack pattern to prevent mutated attack.
[ Comparison of web applicatoin firewall detection methods ]
3. Security & Performance
Security - Smart security that precisely defends against mutated attacks
Precise detection of attacks on the web Prevention of leak of personal information
> Defends against various mutated attacks through > Accurate inspection and cutoff of personal information
smart logical analysis based on a verification mechanism
> Precise analysis of traffic based on optimized rules (Luhn algorithm: ISO/IEC 7812, etc.)
by attack type
> Inspection and cutoff of personal information in attached files
> Prevents false-positive detection through a combination of
positive and negative models > Masks important information, automatic conversion
of forbidden words
Protection of web servers Detection of attacks on encoded traffic
> Prevents the faking and modification of Cookie and Hidden Field > Detects attack on the web through the decoding of
> Cuts off attacks on the application-level web service (DDoS) HTTPS communication (SSL/TLS)
> Prevents the disclosure of web server-related information > Linked to web-encoding solution based on application
programs
WAPPLES MS
INTERNET WAPPLES
Network Switch Switch Web DataBase
Firewall Server Server
Configuration of WAPPLES HA
[ Applied example of configuration of WAPPLES HA and WAPPLES management system(MS) ]
* WAPPLES MS is a management system that carries out the integrated management of multiple units of WAPPLES. (optional)
Performance
- Consistent high performance through logical analysis-based detection engine
Logical analysis-based detection engine COCEP embedded Support for enterprise web service environments
> Optimizes attack-detecting performance through logical analysis > Supports 10G broadband (WAPPLES-5000)
> Delivers consistent performance while maintaining high-level security > Supports Gigabit Ethernet and Fast Ethernet
> Supports Hardware-based accelerated SSL (optional)
4. Convenience & Stability
[ Main screen showing the management tools ]
Convenience
- Simple management environment for the optimal operation of security
Simple installation and application Support for efficient operation
> No need for change of network and web applications > Supports various configuration environments such as
for installation inline, reverse proxy, monitoring, etc.
> Provides as basics the recommended policies verified > Manages multiple WAPPLESs with one integrated
in a variety of customer environments management tool (if WAPPLES MS is selected)
> Establishes optimized security policies with just clicks
(Windows-like GUI)
Flexible response to the web environment Visualization of detection information
> URI access control through automatic learning > Personalizes the Administrator’s screen through
> Smart IP access control reflecting the risk rate and the tab and docking functions
frequency of attack > Provides statistics on intrusion and graphic charts
including web traffic
> Supports the printout of reports and extraction of
various forms of graphs
Stability - Uninterrupted service through real-time response
Support with uninterrupted service Real-time check on operational status
> Active-Active, Active-Standby configuration for HA > Maintains its own integrity using WatchDog
> Supports HA configuration without a separate > Auditing and external notification by recording the
switching device operation state
> Supports bypass with uninterrupted web service in > Remote notice service through the central control
any environment system (optional)
Inline mode Reverse proxy / HA (High Availability)
Monitoring mode configuration
[ Configuration Diagram for the Installed WAPPLES ]
5. Product Specifications
Form
Class Model Package Design Throughput
Factor
Network Interface Power Supply Memory CPU
2 x 10/100/1000
WAPPLES 1U Rack BaseTX Intel Dual
Value
100Mbps AC100~240V
2GB Core
-50 Type 4 x 10/100/1000 50/60Hz 200W
BaseTX Bypass 2.5GHz x 1
WAPPLES Intel
1U Rack 8 x 10/100/1000 AC100~240V Quad Core
-100 500Mbps 4GB
Type BaseTX Bypass 50/60Hz 300W Xeon
Performance
Type2 2.4GHz x 1
8 x 10/100/1000
BaseTX Bypass AC100~240V Intel
WAPPLES
2Gbps 2U Rack 2 x 1000 BaseSFP 50/60Hz 400W 8GB Quad Core
-1000 Redundant Xeon
Type Optional
Type2 2 x 1000 Base Power Supply 2.33GHz x 2
Optical Bypass
2 x 10/100/1000
BaseTX
8 x 10/100/1000 AC100~240V Intel
BaseTX Bypass
WAPPLES 4Gbps 2U Rack 50/60Hz 400W Quad Core
4 x 1000 BaseSFP 16GB
Redundant Xeon
-2000 Type
Optional Power Supply 2.66 GHz x 2
2 x 1000 Base
Optical Bypass
High-End
2 x 10/100/1000
BaseTX
8 x 10/100/1000
BaseTX Bypass
4 x 1000 BaseSFP AC 100~240V Intel
6Gbps 2U Rack 2 x 1000 Base 50/60Hz 500W Nehalem
Optical Bypass 16GB
WAPPLES Type Redundant 2.4GHz
Optional Power Supply 5.86 GT/s x 2
-5000 4 x 1000 Base
Optical Bypass
2 x 10G Base
Optical Bypass
Awards and Certifications
Awards
> 11. 2008 Grand Prize in Intelligence from the Society of Korea
Intelligence System
> 04. 2009 Grand Prize in New Software Product from the Ministry
of Knowledge and Economy of Korea
> 11. 2009 Korean Prime Minister’s Award in new technology
development and utilization for 2009
> 02. 2010 Won the 9th Top Award for ROK corporate
SW competitiveness
Certification
> CC certification from the National Intelligence Service (NIS) of Korea (EAL4 class)
> GS certification from the Information Technology Association
> Equipped with NIS-verified encryption modules
> Electromagnetic compatibility registration (EMI) certification
> PCI-DSS compliance certification
6. Intelligent
The Best Defense Against Web Application Attacks
Perfect detection, high-level security
Delivers consistent high performance
Easy and convenient security control
Support for various web environments
Verified Quality and Competitiveness
No. 1 in Korean web application firewall market
Grand Prize in New Software Product from the
Ministry of Knowledge and Economy of Korea
Grand Prize in Intelligence from the Society of
Korea Intelligence System
CC certification from the National Intelligence
Service (NIS) of Korea (EAL4 class)
GS certification from the Information Technology
Association
Equipped with NIS-verified encryption modules
EMI registration certification
Penta Security Systems Inc.
Hanjin Shipping Bldg., 20th Fl. 25-11 Yoido-dong,
Youngdeungpo-ku, Seoul, Korea 150-949
Tel : 02-780-7728 / Fax : 02-786-5281 / www.pentasecurity.com
Any inquries : 02-2125-6668 / sale@pentasecurity.com
Penta Security Systems K.K.
Akasaka ascend Bldg 3F 3-2-8 Akasaka , Minato-ku, Tokyo 107-0052,Japan
TEL: 81-3-5573-8191 FAX: 81-3-5573-8193
Email: japan@pentasecurity.com
Penta Security Systems Inc. 2010, All rights are reserved.
WAPPLES is trademark of Penta Security Systems Inc. 100831-EW-A1