Brocade Virtual Web Application Firewall (Brocade vWAF) provides a strong, scalable security perimeter around off-the-shelf solutions, complex custom applications and third-party frameworks to guard against common vulnerabilities.
Brocade vWAF analyzes each request against the ruleset assigned to the application, and determines what action to take; permit it to pass to the application or reject it. It monitors outgoing responses as they are returned to the client. Sensitive information can be filtered out from responses to ensure that data leakage is captured, even if the initial malformed request is successful, so customer information such as credit card data, social security numbers can be screened out by using comprehensive security policies. The behavior of the application and traffic patterns can be monitored to help optimize protection and recommend additional policies.
Brocade vWAF includes a Baseline Protection Wizard, which makes it easy to update policies. The baseline policies are a blacklist and regex-pattern match of known vulnerabilities and attacks: when it detects a suspicious pattern which matches the baseline policies, then the request is rejected without exposing the application.