[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

About the functions of cloud-based WAF “Scutum”

Scutum

This is Ohara from the technical sales department.

we will introduce the functions of
"Scutum" that we handle *Scutum is a service of "Secure Sky Technology Co., Ltd."

"WAF" (Web Application Firewall) is a firewall specialized for applications on websites
, mainly for websites that accept input from users or
generate dynamic pages
plays a role in protecting against unauthorized attacks. Unlike general firewalls,
it is characterized by the ability to analyze data content at the application level.

Cloud model (SaaS model) that changes the conventional wisdom of WAF

Conventional general WAF solutions
are provided in the form of software that is embedded in hardware appliances and servers, and are assumed to be operated in-house
. Maintaining WAF operations
placed a heavy burden on engineers.

As you can see, although the concept of WAF itself is very good,
the current situation is that it has not actually become very popular.

Scutum is cloud-based (SaaS-based) to overcome the issues associated with traditional WAF.
We provide web application firewall functionality via the Scutum Center.

1%e3%82%ad%e3%83%a3%e3%83%97%e3%83%81%e3%83%a3


setup is completed by simply changing the DNS settings so that the original IP address of your web server

It is possible to build a more secure web service environment without having to have extra equipment of your own.

Easy to install

■ Installation in as little as 3 days

From application to start of use, you can start the service with just a few simple steps. (minimum 3 days)

■Can be installed and removed without changing the system configuration

The only work required on the customer's side is to switch the DNS, and installation is possible immediately.

■Can be installed and canceled without stopping the service

There is no need to worry about website services stopping when installing or canceling the WAF function.

FAQ

Question : Is it possible to encrypt communications when handling personal information? (Anti-wiretapping)
Answer : It is possible to support communication encrypted by SSL.

Question : Is it possible to detect content tampering?
Answer : Although "Scutum" cannot detect when content has been tampered with, it

can be
combined with a service called "GRED" *However, recovery of tampered web content is not covered.

Question : Is it possible to detect unauthorized access?
Answer : It is possible to defend against external attacks such as the following.

● Defense function
A function that blocks the corresponding communication when it detects a pre-registered unauthorized communication pattern.

● Monitoring function
A function that records the corresponding communication when it detects a pre-registered unauthorized communication pattern.
(Communication itself is not blocked)

●Log function
A function that allows you to record and view communications that are detected as fraudulent and are detected by Scutum.

● Software update function
A function to update the software to improve Scutum's defense functions.

● Signature update function
A function that updates unauthorized communication patterns to the latest state in order to improve the effectiveness of defense.

● Specific URL exclusion function
A function that excludes web pages that do not require protection from protection targets.

● Report function
Statistics function (attack source, attack type, action), top aggregation of attack sources and attack types, etc.

● IP Address Rejection/Allowing Function
A function that rejects communication from a specific IP address or allows only communication from a specific IP address.

● SSL communication function
A function that decodes and protects encrypted communication.

Question : Is it possible to prevent communication and execution of illegal SQL statements and OS commands? (SQL injection, etc.)
Answer : It is possible to detect it using the default defense function.

Question : Is it possible to detect and prevent suspicious logins?
Answer : We have also implemented defensive signatures against brute force attacks, etc.

Question : Do you keep logs of unauthorized access?
Answer : The retention period for detected logs is one year.

Question : Is it possible to block communications from unexpected sources and communication protocols?
Answer : It is possible to restrict access by IP address using the function on the management screen.

* Regarding communication protocols, only http(80) / https(443) can be used.
If the origin server side uses a firewall or other such device to not accept communications other than through Scutum,
access will not be possible even if you try to communicate with the origin server using other protocols.


A more secure environment will be created by only accepting communications via Scutum on the web server side

Question : Is it possible to store WAF operating status logs? (Understanding the operating status and reporting function)
Answer : You can check the defense log from the management screen.

summary

These are the characteristics of "Scutum".

Since it is a SaaS type, there is no need to prepare a separate appliance, and the service can be started by simply changing the DNS settings
, freeing you from the troublesome management and operation of web content security.

If you also want to strengthen server-side security,
we recommend using Trend Micro's "Trend Micro Security as a Service"

If you found this article helpful , please give it a like!
0
Loading...
0 votes, average: 0.00 / 10
778
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!

[Osaka/Yokohama] Actively recruiting infrastructure engineers and server side engineers!

The person who wrote this article

About the author

ohara

I started my career in the telecommunications industry as a salesperson in charge of introducing IT products such as NW services, OA equipment, and groupware for corporations.

After that, he worked as a pre-sales engineer for physical servers/hosting services and as a customer engineer for SaaS-type SFA/CRM/BtoB e-commerce at an SIer-based data center business company, before joining his current company, Beyond.

Currently, I am stationed in Shenzhen, China, the Silicon Valley of Asia, and my daily routine is to watch Chinese dramas and billbill.

Qualification: Second class bookkeeping