Web Application Firewall (WAF)

WAF uses rule and AI dual engines and integrates our latest security rules and best security practices.

WAF can detect OWASP top 10 threats, decode 10+ types of code, and it uses a Huawei-patented technique that prevents threats from bypassing security controls, improving the detection rate by 40%.

WAF enables precise protection with customizable enterprise-grade protection policies, including custom alarm pages, composite rules for CC attack prevention, and IP address blacklists.

You can anonymize your sensitive data, such as accounts and passwords, in attack logs.

You can also configure the minimum TLS version and cipher suite to make your services compliant with PCI-DSS certification.

You can authorize WAF to use Log Tank Service (LTS) to store as many logs as you need, including access, attack, and request logs.

WAF makes it easier for you to meet compliance requirements such as PCI DSS certification.

WAF provides protection for IPv6 traffic to help meet the compliance requirements of governments and enterprises.

A 24/7 professional security operation team is equipped, making it possible to fix emergency 0-day vulnerabilities within as little as 2 hours.

WAF uses virtual patches on the cloud so that 0-day vulnerabilities can be fixed in a timely manner and without any manual intervention.

WAF responds to and contains risks quickly with presets protection rules so that your web services will get protected all the time even before the third-party vendors fix vulnerabilities.