Discover the Key features of DenyAll rWeb

DenyAll rWeb is the most feature-rich WAF in terms of security. It helps stop real-world attacks targeting your apps and data

key features of rWeb


Security engines to adjust policy to the criticality of your apps, ensure actual attacks are blocked, not your valid traffic.


Combining basic filtering methods (negative and positive security), with user behavior analysis and more advanced techniques, as required, to actually block attacks while minimizing the risk of false positives.

Scoring mechanism

The Scoring list interprets requests, assigns weights to potentially dangerous parameters, blocks when threshold are reached.

Scoring mechanism

The technology, tested against the real traffic data of loyal customers for two years, is very effective against both know and zero day attacks. It requires no learning, no updates and generates few false positives.

Behavior analysis

Analyze user actions to identify bots, block business logic attacks attempting to steal credentials or bring your app down.

Behavior analysis

User Behavior Tracking prevents the illegal abuse of user rights and attacks such as cookie theft, brute force authentication, password cracking, site downloading, application-layer denial of service attacks.

Advanced engines

Basic filtering doesn’t work for modern apps. A new generation of security engines is required to effectively secure them.

Advanced engines

Signatures can be bypassed. App learning isn’t practical in agile environments. rWeb’s grammatical analysis and sandboxing techniques increase efficiency, block attacks without generating false positives.

XML Security

rWeb is a full Web Services Firewall, also capable of securing your Service Oriented Architectures and Web Services members.

XML Security

WSDL, XSD and DTD template validation, XML transformation, access control lists (by URL, function, source IP), signatures against xPath and XML injections, attachment virus scan via iCAP, protection of UDDI servers.

Virtual patching

Test and adjust rWeb’s security policy to prevent the exploitation of your applications’ actual vulnerabilities.

Virtual patching

Tight integration with DenyAll Vulnerability Manager provides administrator with practical recommendations on how to improve the WAF’s efficiency, by activating additional security engines, creating specific rules.

High reliability

Protecting business critical web applications and web services from attacks, rWeb is a time-tested, rock solid product.

High reliability

Deployed as a reverse proxy, in blocking mode, rWeb acts as the actual web server, terminating standard and SSL traffic. With its built-in active-active and active-passive clustering capabilities, it won’t fail you.

Quick & easy setup

Administrators need to be able to deploy policy quickly and on multiple devices, as applications are being created.

Quick & easy setup

A checkbox-based, layered administrator environment, combined with templates for typical applications, APIs, command-line interface and console help streamline and industrialize the deployment process.

Certification & Awards

DenyAll is trusted by 600 demanding customers in all sectors of activity and awarded for its innovation and reliability

Certified by ANSSI (CSPN)

The French national agency for information security has certified DenyAll rWeb for its first level security certification.

Label France Cybersecurity

DenyAll is awarded “France Cybersecurity Label” by the French government, which proves the quality and performance of our Web Application Firewall rWeb.

Gartner’s MQ for WAFs

In the 2017 Magic Quadrant for Web Applications Firewalls, Gartner underlines the ease of use and in-depth security features of DenyAll WAF.

Why choose DenyAll rWeb?

Discover why DenyAll rWeb is the product that best meets your needs

  • Most effective against real attacks

    Because of its time-tested ability to counter evasions, prevent defacements, servers being brought down and data breaches.

  • Choice of filtering techniques

    Because it offers black list, while list, scoring list, user behavior tracking, advanced detection engines and Web Services security.

  • Comprehensive security

    Because rWeb secures all your Web apps and Services, be they internal, on the Internet, deployed on premises or in the cloud.

  • Fully reliable

    Because of rWeb high availability features and proven track record at protecting our customers’ critical applications.

  • Vulnerability aware

    Because of rWeb tight integration with DenyAll Vulnerability Manager, provides granular virtual patching recommendations.

  • Ease of administration

    Because it can be configured in a few clicks, using checkboxes and templates, and deployments automated via its API and CLI.

Form Factors

Deploy your DenyAll rWeb anywhere, even in the cloud


Dell appliance bundles

DenyAll appliances offer price/performance choice that meet the IT needs of small and large companies. No installation needed, it takes only a few minutes to deploy DenyAll rWeb.


Virtual machine (VM)

The software relies on a CentOS Linux operating system which has been optimized and hardened to meet the most stringent requirements in terms of security and performance.


Cloud-based solution

DenyAll takes application security to the cloud and is delivering rWeb on the Amazon Web Services marketplace, on Microsoft Azure and on many OpenStack platforms.


Cloud Protector

Leveraging the scalability of the cloud, Cloud Protector removes the need for technical expertise and simplifies the steps required to protect and accelerate any web site.

Customer references

What our customers are saying about DenyAll rWeb.

We had suffered the deformation of our website a decade ago. Rohde & Schwarz Cybersecurity solutions have allowed us to counter this kind of attack and allow us to be protected with serenity.
R&S®Web Application Firewall has enabled us to easily secure external access to our business applications while protecting us from attacks.
The cluster deployment of R&S®Web Application Firewall enhances the protection of our external APIs by blocking SQL and cross-site scripting type attacks to prevent leakage of customer data. Its reliability and ease of use are well-known in the banking sector.
The deployment of R&S®Rweb as a cluster strengthens our protection against application attacks such as Site Defacing and SQL Injection and ensures high availability of our business applications.
Emélian AYORANetwork Manager
Sieu-Dax ToCISO
Emmanuel HelfensteinNetwork & System Manager
Diaga GueyeData Center Infrastructure Manager

Download DenyAll rWeb Datasheet