ZION SECURED WAMAF has caching enabled. Frequently visited content, such as pictures, are stored temporarily on the server so they don’t have to be requested from the web server itself every time. Next to this, we opted for a datacenter with a large bandwidth (1GB/second). Because of these 2 reasons your website will not be slowed down. Because all attacks from viruses are blocked by ZION SECURED WAMAF the website will only answer to correct requests.

The pro and advanced version make use of positive security, hence they don’t only work with a blacklist. This way protection for the newest threats is always present. Only safe request make it through. In our datacenter we block new attacks daily increasing our security teams’ knowledge and overview of the newest trends and dangers.

For detection of malware we use Dasient, founded by google experts in the Malware area. On one hand we’re capable of detecting and blocking most of the malware attacks and on the other hand we scan your website for malware. In case an infected page is detected, the WAMAF will block this page immediately so your visitors cannot get infected.

ZION SECURED WAMAF is Security-as-a-Service. This allows organizations to get their website secured in an instant. The only thing you have to do is change the IP address of your web server in DNS to the IP address of our ZION SECURED WAMAF service. All HTTP traffic will be routed through our data center and all direct traffic to your web server has to be disallowed. Your web server still has to accept HTTP request from our data center. Through a port scan we verify the setup afterwards.

It’s perfectly possible to have our ZION SECURED WAMAF solution placed in your datacenter, under our management. In correspondence with you, we deliver you the appliances; and install the solution on your existing hardware or virtual environment.

A website is a web application with a unique URL. If you have multiple URL’s, e.g. mywebsite.be and mywebsite.com which are identified on the same web application, you only have to take 1 subscription. If mywebsite.be and mywebsite.com refer to a different web application, you are required to take 2 subscriptions.

A Web Application Firewall (WAF) is a layer 7 Firewall (also called proxy firewall). It inspects all traffic to your website for attacks from for example hackers or malware.

ZION SECURED WAMAF takes it one step further. We have revamped the principal from a default WAF and came to a new concept: a WAMAF. A WAMAF is a Web Anti-Malwire Application Firewall that has all functionalities of a regular WAF. On top of that a WAMAF is able to detect and block malware attacks and infected web pages. By detecting them, organizations can create a better image about the number of attacks on their infrastructure.

ZION SECURED WAMAF is the solution you need to protect your website. A WAMAF protects a website against attacks and gives a detailed reporting of detected attacks, like and anti-viral software protects your computer.

Of course this is more complex than anti-viral software because every website is different by custom development and design for the customer. There are default software solutions such as a content management system (Drupal & sharepoint), but these require some custom development as well to have integration with underlying systems.

The picture below shows how the ZION SECURED WAMAF solution works. All the web traffic (including attacks) to your web site is inspected in our datacenter. We detect and block all the attacks and forward the safe requests to your servers.

The biggest advantage of a WAMAF is that it only inspects traffic to the web server and not the underlying systems. These underlying systems are usually protected by a network firewall or by a Demilitarized Zone (DMZ).

A WAMAF CAN:

1. Inspect HTTP traffic to detect attacks
2. Decrypt HTTPS or translate from HTTPS to HTTP
3. Be used as an infrastructure component or web server component
4. Protect your website against malware

A network firewall is also known as a layer 3 firewall. This firewall uses network ports and ip addresses to filter traffic. Port 80 is the default port for web traffic. A network firewall allows everyone to the web server, including hackers. A firewall doesn’t notice a difference between normal traffic and attacks. A Web Application Firewall will inspect all suspicious traffic to port 80. The WAF detects and blocks suspicious requests as show in the image below:

Network Firewall

Web Application Firewall

There are three main reasons why organizations choose to work with ZION SECURED WAMAF:

1. There are no additional costs for hardware, software and management. ZION SECURED WAMAF works with a clear cost, with no catch. The price depends on the used bandwidth and selected options such as load-balancing, malware scanning & vulnerability scanning. If you use more bandwidth than you reserved, this will not require an intervention from your side. We will adapt your subscription and notify you with the changes.
2. ZION SECURED WAMAF manages all updates and upgrades. Our customers do not have to worry about downloading and installing patches. ZION SECURED WAMAF detects the newest threats and viruses immediately, and makes sure your organization is protected against them instantly.
3. The configuration and management of a WAF is not easy. To use a WAF to its full potential you will need somebody to manage it full time. Organizations don’t have the time nor the budget to hire an external expert or train an employee. By using ZIONSECURED WAMAF your organization can focus on your core business without having to worry about the security of your web applications.

ZION SECURED WAMAF detects and blocks attacks in our datacenter, before they can reach your website. This doesn’t mean that your website doesn’t contain any vulnerabilities or leaks. VERIFIED scans your web application continuously for leaks and vulnerabilities. Should VERIFIED detect a vulnerability your developers will be notified. While the problem is being solved, our WAMAF is already patched to protect your web application from exploiting that vulnerability.

By using a combination of a WAMAF with vulnerability assessment organizations can rest assured that their web applications are secure. The website will be protected to the maximum and your developers will learn how to write secure code in the long run.