About the features of the cloud-based WAF "Scutum"
table of contents
This is Ohara from the Technical Sales Department
a WAF service that we handle"Scutum,"we will introduce the features of
*ScutumSecureSky Technology Co., Ltd.is a service provided by
A WAF (Web Application Firewall) is a firewall specifically designed for applications on websites. Its
primary role is to protect websites that accept user input or
generate dynamic pages in response to requests from malicious attacks.
Unlike general firewalls,
a key feature is its ability to analyze data content at the application level.
Cloud model (SaaS model) that changes conventional WAF concepts
Conventional WAF solutions are typically
provided as software embedded in hardware appliance servers and are designed for on-site operation. This means that
requiring complex server and network configuration changes
places a heavy burden on engineers
Thus, while the concept of WAF itself is excellent,
it has not actually become widespread.
Scutum is cloud-based (SaaS) to overcome the challenges of traditional WAFs.
It provides web application firewall functionality through the Scutum Center.
your web server's original IP address
setup is complete simply by changing your DNS settings so that
It is possible to build a more secure web service environment without having to own any extra equipment
Easy to install
■ Installation in as little as 3 days
From application to start of use, you can start using the service with just a few simple procedures (in as little as three days)
■Can be installed and removed without changing the system configuration
All the customer has to do is switch the DNS, and it can be implemented immediately
■ Installation and cancellation can be done without stopping the service
There is no need to worry about website service being interrupted when installing or disabling the WAF function
FAQ
Question: Is it possible to encrypt communications when handling personal information? (To prevent eavesdropping)
Answer: We can support encrypted communications using SSL.
Question: Is content tampering detection possible?
Answer: While "Scutum" cannot detect if content has been tampered with,
"GRED"web content tampering prevention and detection service
to provide a
*However, recovery of tampered web content is not covered.
Question: Is it possible to detect unauthorized access?
Answer: It is possible to defend against external attacks such as those listed below.
● Defense function:
A function that blocks communication if it detects a pre-registered malicious communication pattern.
● Monitoring function:
This function records any malicious communication patterns that are pre-registered.
(The communication itself is not blocked.)
logging function
A function that records and allows viewing of suspicious communications detected by the Scutum
● Software update function
: A function to update the software in order to improve Scutum's defense functions, etc.
● Signature update function:
A function that updates malicious communication patterns to the latest version in order to improve the effectiveness of the security update function.
● Specific URL exclusion function:
A function that excludes unnecessary web pages from being protected.
● Reporting and
statistical functions (attack source, attack type, action), top-ranking attack sources and attack types, etc.
● IP Address Rejection/Allowance Function:
A function that rejects communication from specific IP addresses, or allows communication only from specific IP addresses.
● SSL communication function:
A function that decrypts and protects encrypted communications.
Question: Is it possible to prevent the communication and execution of malicious SQL statements and OS commands? (e.g., SQL injection)
Answer: It is possible to detect these using the default defense features.
Question: Is it possible to detect and prevent suspicious logins?
Answer: We have implemented defensive signatures against brute-force attacks and the like.
Question: Do you keep logs of unauthorized access?
Answer: We keep detected logs for one year.
Question: Is it possible to block communications from unexpected sources or using unexpected communication protocols?
Answer: Access can be restricted by IP address using the functions available on the management screen.
*Only HTTP (80) and HTTPS (443) are available as communication protocols.
If the origin server is configured to block all communication except via Scutum using a firewall or similar mechanism, you will
not be able to access the origin server using any other protocol.
*By restricting the web server to accepting only communications via Scutum, a
more secure environment is created.
Question: Is it possible to store WAF operational status logs? (For monitoring operational status and reporting functions)
Answer: You can check the defense logs from the management screen.
summary
These are the features of "Scutum"
Because it's a SaaS model, there's no need to prepare a separate appliance, and the service can be started simply by changing the DNS settings
, freeing you from the troublesome management and operation of web content security.
Furthermore, if you want to strengthen server-side security,
Trend Micro's"Trend Micro Security as a Service."we recommend using
1
Loading...1 
The person who wrote this article
About the author
