Discover the Key features of DenyAll rWeb

DenyAll rWeb is the most feature-rich WAF in terms of security. It helps stop real-world attacks targeting your apps and data

key features of rWeb

Effectiveness

Security engines to adjust policy to the criticality of your apps, ensure actual attacks are blocked, not your valid traffic.

Effectiveness

Combining basic filtering methods (negative and positive security), with user behavior analysis and more advanced techniques, as required, to actually block attacks while minimizing the risk of false positives.

Scoring mechanism

The Scoring list interprets requests, assigns weights to potentially dangerous parameters, blocks when threshold are reached.

Scoring mechanism

The technology, tested against the real traffic data of loyal customers for two years, is very effective against both know and zero day attacks. It requires no learning, no updates and generates few false positives.

Behavior analysis

Analyze user actions to identify bots, block business logic attacks attempting to steal credentials or bring your app down.

Behavior analysis

User Behavior Tracking prevents the illegal abuse of user rights and attacks such as cookie theft, brute force authentication, password cracking, site downloading, application-layer denial of service attacks.

Advanced engines

Basic filtering doesn’t work for modern apps. A new generation of security engines is required to effectively secure them.

Advanced engines

Signatures can be bypassed. App learning isn’t practical in agile environments. rWeb’s grammatical analysis and sandboxing techniques increase efficiency, block attacks without generating false positives.

XML Security

rWeb is a full Web Services Firewall, also capable of securing your Service Oriented Architectures and Web Services members.

XML Security

WSDL, XSD and DTD template validation, XML transformation, access control lists (by URL, function, source IP), signatures against xPath and XML injections, attachment virus scan via iCAP, protection of UDDI servers.

Virtual patching

Test and adjust rWeb’s security policy to prevent the exploitation of your applications’ actual vulnerabilities.

Virtual patching

Tight integration with DenyAll Vulnerability Manager provides administrator with practical recommendations on how to improve the WAF’s efficiency, by activating additional security engines, creating specific rules.

High reliability

Protecting business critical web applications and web services from attacks, rWeb is a time-tested, rock solid product.

High reliability

Deployed as a reverse proxy, in blocking mode, rWeb acts as the actual web server, terminating standard and SSL traffic. With its built-in active-active and active-passive clustering capabilities, it won’t fail you.

Quick & easy setup

Administrators need to be able to deploy policy quickly and on multiple devices, as applications are being created.

Quick & easy setup

A checkbox-based, layered administrator environment, combined with templates for typical applications, APIs, command-line interface and console help streamline and industrialize the deployment process.

Certification & Awards

DenyAll is trusted by 600 demanding customers in all sectors of activity and awarded for its innovation and reliability

Certified by ANSSI (CSPN)

The French national agency for information security has certified DenyAll rWeb for its first level security certification.

Label France Cybersecurity

DenyAll is awarded “France Cybersecurity Label” by the French government, which proves the quality and performance of our Web Application Firewall rWeb.

Gartner’s Magic Quadrant

In the 2015 edition of Gartner’s Magic Quadrant for Web Application Firewalls, DenyAll is identified as a Visionary, thanks to its innovation in security.

Why choose DenyAll rWeb?

Discover why DenyAll rWeb is the product that best meets your needs

  • Most effective against real attacks

    Because of its time-tested ability to counter evasions, prevent defacements, servers being brought down and data breaches.

  • Choice of filtering techniques

    Because it offers black list, while list, scoring list, user behavior tracking, advanced detection engines and Web Services security.

  • Comprehensive security

    Because rWeb secures all your Web apps and Services, be they internal, on the Internet, deployed on premises or in the cloud.

  • Fully reliable

    Because of rWeb high availability features and proven track record at protecting our customers’ critical applications.

  • Vulnerability aware

    Because of rWeb tight integration with DenyAll Vulnerability Manager, provides granular virtual patching recommendations.

  • Ease of administration

    Because it can be configured in a few clicks, using checkboxes and templates, and deployments automated via its API and CLI.

Form Factors

Deploy your DenyAll rWeb anywhere, even in the cloud

HARDWARE

Dell appliance bundles

DenyAll appliances offer price/performance choice that meet the IT needs of small and large companies. No installation needed, it takes only a few minutes to deploy DenyAll rWeb.

SOFTWARE

Virtual machine (VM)

The software relies on a CentOS Linux operating system which has been optimized and hardened to meet the most stringent requirements in terms of security and performance.

CLOUD

Cloud-based solution

DenyAll takes application security to the cloud and is delivering rWeb on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms.

AS A SERVICE

Cloud Protector

Leveraging the scalability of the cloud, Cloud Protector removes the need for technical expertise and simplifies the steps required to protect and accelerate any web site.

Additional resources

More information on DenyAll rWeb

“NextGen WAF” white paper

DenyAll Corporate Backgrounder

DenyAll Appliances

Datasheet Appliances

DenyAll Web App Firewall

Fiche Produit DenyAll Web Application Firewall

DenyAll Web Services Firewall

Datasheet Web Services Firewall

Talk to a DenyAll Security Expert Today!