R&S®Web Application Firewall key features

R&S®Web Application Firewall protects critical web applications against known and unknown threats and attacks, including the Top 10 OWASP


Business Edition

Enterprise Edition

Generic patterns (ICX)🔵 🔵
Heuristics (Scoring List) 🔵 🔵
Advanced Security Engines 🔵
API Security 🔵 🔵
User Reputation Scoring 🔵
Application profiling & templates 🔵 🔵
Application learning (sitemap)🔵
Monitoring🔵 🔵
Analytics (ELK) 🔵
Virtual patching 🔵
Options & Models
Extended API Security 🔵
IP Reputation Service🔵 🔵
Management Console (Analytics)🔵 🔵
Web Access Manager🔵
TPS (Transactions per second)Up to 21 000From 21 000

Protection of Web applications

Data flow analysis that detects vulnerabilities, tracks malicious intrusions and fixes them directly

Protection of Web applications

Semantic analysis of source code to detect and protect application vulnerabilities while minimizing false positives. Web application protection is used to counter attacks by SQL injection, Cross-site scripting (XSS), Remote File Inclusion (LFI), Source Code Disclosure (SCD). Real vulnerabilities are fixed directly in the source code.

Management Console

A single platform to configure and manage all instances and applications centrally

Management Console

The management console allows you to set up a strategy from a central location and measure its effectiveness. A dedicated appliance for the management console can manage one master instance and one failover instance or two master instances in R&S® Web Application Firewall

Extended API security

Meet the challenge of digital transformation in terms of security with Extended API security (Enterprise Edition)

Extended API security

Many companies are using APIs to transform their business. Web deployment can be industrialized through APIs to be more agile and reduce time to market. R&S®Web Application Firewall - Enterprise Edition detects attacks that may go unnoticed as they are created in the APIs used by applications. R&S® Web Application Firewall Enterprise Edition maintains the agile advantage of API-based development, while ensuring security and compliance.

Cloud Integration

R&S®Web Application Firewall - Enterprise Edition is a flexible, scalable technology for multi-cloud or hybrid cloud deployments

Cloud Integration

Rohde & Schwarz Cybersecurity extends application security to the cloud and provides R&S®Web Application Firewall - Enterprise Edition on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms.

IP Reputation

Choose an optimized security policy with R&S®Web Application Firewall

IP Reputation

Provides security operators with an up-to-date threat knowledge base to repel modern attacks. The service integrates seamlessly with R&S®Web Application Firewall to optimize performance, reduce false positives, block malicious robots and adjust authentication and security policies based on the user's context and behavior.

Analysis and reporting

Configuration, monitoring and reporting centralised on several instances (Enterprise Edition)

Analysis and reporting

R&S®Web Application Firewall - Enterprise Edition monitors user activity in context to prevent attacks and block abnormal behavior. Reports combine executive, managerial and technical views, support customizable templates and show how they have evolved (diff) over time. They can be provided in four formats (PDF, XML, CSV, MHT) and in several languages.

Adaptive authentication

Increases security while providing the best user experience (Enterprise Edition)

Adaptive authentication

Strong authentication is the best practice for critical web applications. This is where adaptive authentication is introduced. It offers both enhanced security and ease of use while combining ``learning behaviour`` with flexible authentication.

Virtual patching

Improve R&S®Web Application Firewall - Enterprise Edition and patch exploitable vulnerabilities

Virtual patching

The vulnerability scanner performs security tests on the assets of the entire IT infrastructure including remote cloud locations. It analyzes, identifies and prioritizes potential errors (in applications, systems and the network) and provides an optimal correction plan. Integrating the analysis report into R&S®Web Application Firewall - Enterprise Edition allows you to virtually fix application layer vulnerabilities to prevent ``exploits``.

Certification & Awards

Rohde & Schwarz Cybersecurity is trusted by 600 demanding customers in all sectors of activity and awarded for its innovation and reliability.

Certified by ANSSI (CSPN)

The French national agency for information security has certified R&S®Web Application Firewall for its first level security certification.

Label France Cybersecurity

Rohde & Schwarz Cybersecurity is awarded “France Cybersecurity Label” by the French government, which proves the quality and performance of our Web Application Firewall (WAF).


In the Magic Quadrant for Web Applications Firewalls, Gartner underlines the ease of use and in-depth security features of R&S®Web Application Firewall.

Why choose R&S®Web Application Firewall?

Discover why relying on R&S®Web Application Firewall is the right decision for you.

  • Ease of Administration

    Because you need your administrators to be productive and agile, not loose time in unnecessarily complex, repetitive tasks.

  • Effective Security

    Because you need to actually block application-layer attacks and don’t want another false positive-prone intrusion detector.

  • Application Security Innovation

    Because you know old recipes don’t work and want to take advantage of innovative approaches in application security.

  • WAF-DAST Integration

    Because you need to discover those unprotected, vulnerable web applications and protect them at the lowest possible cost.

  • Ubiquitous Security

    Because you need to protect all web applications, be they on premise or in the cloud, business critical or not.

  • NextGen Application Security

    Because protecting your IT requires an integrated solution, combining scanning, web application & services security and user access.

Form Factors

Deploy your Web Application Firewall (WAF) anywhere, even in the cloud.


Dell appliance bundles

The appliances offer price/performance choice that meet the IT needs of small and large companies. No installation needed, it takes only a few minutes to deploy R&S®Web Application Firewall.


Virtual machine (VM)

The software relies on a CentOS Linux operating system which has been specifically optimized and hardened to meet the requirements in terms of security and performance.


Only for R&S®Web Application Firewall - Enterprise Edition

Rohde & Schwarz Cybersecurity takes application security to the cloud and is delivering its WAF on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms


Cloud Protector

Leveraging the scalability of the cloud, R&S®Cloud Protector removes the need for technical expertise and simplifies the steps required to protect and accelerate any web site.

Customer references

What our customers are saying about R&S®Web Application Firewall

Rohde & Schwarz Cybersecurity has enabled us to quickly secure our B2C and B2B sites and to highlight the potential weaknesses of existing applications.
R&S®Web Application Firewall is effective and allows us to block each day a hundred attacks. Both intuitive and easy to use, Rohde & Schwarz Cybersecurity products are also focused on the user experience.
R&S®Web Application Firewall allows us to efficiently protect applications that are behind the reverse-proxy and allows our customers and users to access the servers at all times to access weather data. It also allows us to efficiently decrypt and encrypt their queries.
R&S®Web Application Firewall allows us to continue to develop efficient applications for our customers while guaranteeing maximum security. We were able to reduce the traffic of malicious robots by 70%.
R&S®Web Application Firewall allows us to maintain a high level of security for our internal and external applications while remaining in line with ANSSI recommendations.
Digitization requires the free exchange of mobile data as well as with our partners and customers. R&S®Web Application Firewall allows us to accompany these changes, with agility while keeping control of flows and without constraining the trades.
R&S®Web Application Firewall based on reverse-proxy technology has enabled us to streamline the publication of our web applications. Coupled with the SSO Web, we were able to strengthen and simplify user access to applications.
The deployment of the ANSSI-certified R&S®Web Application Firewall solution as a cluster guarantees us layer 7 security and high application availability.
R&S®Web Application Firewall makes it easy to break down and introduce new services. It protects our applications and websites quickly and efficiently, ensuring high availability.
The protection of many internal and external applications by R&S®Web Application Firewall meets our security needs and saves us time in publishing new web applications. This solution is embedded in our policy to strengthen the safety of our patients and their data.
Christophe de KervilerChief information security officer
Pascal FremeauxInfrastructure and Security Manager
Jérôme BourgeaisNetwork and Security Department
Pierre SalaveraIT Department
Denis LionnetChief Information Officer
Mathias LargilliereChief information security officer
Jean-François MaureyHead of the digital uses department
Clément SchneiderCo-founder
Bruno ClicqueIT Manager
Fabrice SchindlerNetwork Engineer

Download the R&S®Web Application Firewall Business and Enterprise Editions datasheets.