Rohde & Schwarz Cybersecurity announces availability of R&S®Web Application Firewall 6.5
July 2018 by Marc Jacob
At the recent Cybersecurity Summit in Paris, IT security expert Rohde & Schwarz Cybersecurity announced general availability of R&S Web Application Firewall version 6.5, enabling existing customers to upgrade to the latest release. The core innovation assembles several features to improve efficacy of the attack detection, while avoiding false positives and maintaining distinctively simple administration.
New Long Term Support version
Over 600 customers have already deployed previous versions of the R&S Web Application Firewall product. The new version, R&S Web Application Firewall 6.5 (Long Term Support, LTS), is the culminating point in the product lifecycle, combining four years of innovation to meet requirements of the most demanding enterprise customers. LTS is a special version which brings together features from previous releases. The release 6.5 is a stable version intended for use in production environment. Over 90 per cent Rohde & Schwarz Cybersecurity customer base uses LTS version to reduce the risk, expense, and disruption of software deployment. R&S Web Application Firewall 6.5 extends the period of software maintenance to at least three years and enables customers to easily manage their web applications. Version 6.5 is driven by customer feedback exemplifying Rohde & Schwarz Cybersecurity’s commitment to the best-of-breed application security.
Focusing on customer needs: usability and security
R&S Web Application Firewall 6.5 is grounded in the following needs of Web Application Firewall administrators and DevOps teams: usability and security, such as better protection, faster response times, deployment automation and optimization of administration. Using its unique workflow technology R&S Web Application Firewall is able to meet specific customer requirements while proving a competitive and highly robust security solution.
Usability is a requirement of growing importance in the Web Application Firewall market and the one closely related to a tangible benefit of lower Total Cost of Ownership. Long gone are the days when enterprise organizations could afford to have teams of trained engineers administering complex management consoles, writing scripts, digesting thousands of lines of security alerts to avoid false positives. R&S Web Application Firewall can be seamlessly operated in the daily business of large enterprises and SMEs alike. The current release contributes to enhancing this key differentiator in a number of ways:
• Realtime Monitoring & Analytics: analyzing comprehensive log data is made easier with a web-based and fully configurable security dashboard enabling to identify and respond to anomalies and to adjust security policies accordingly
• New multi-user management allowing multiple user accounts to access the management console with writing privileges thus permitting security control to be shared by different administrators
• Improved replay mechanism taking advantage of security alerts. This feature is able to ’replay’ existing logs against a testing policy, and that for all existing security engines even from custom-made alerts concluding false positive resolution at a glimpse. It can also result in an automatic resolution of a security log or a batch of security logs.
• Whitelisting capability based on the swagger - open API specification supporting new web applications that require multiple updates per day. This feature allows to dynamically consume the latest swagger file produced by the DevOps team, and updating the whitelist becomes as simple as uploading the new schema through our API.
• Availability of API REST/JSON making the way for new automation and orchestration capabilities. _• New security engines, JSON security and manipulation and exception management permitting simple creation and clear graphical integration of any security policy
Security is by far the most critical attributes sought for Web Application Firewall and the one that characterizes Rohde & Schwarz Cybersecurity’s competitive edge. The company continues to enhance the products to effectively counter known and unknown application-layer attacks. The following items have been added to the R&S Web Application Firewall feature set for higher security and customization:
• Unparalleled API Security with JSON and XML validation, JWT support, fine-grained API whitelisting providing enforced control over the structure of the websites or web services
• New workflow able to validate a JSON document against a schema enforcing JSON-based communication in web services and APIs
• IP Reputation feature optimizing performance of the Web Application Firewall by adjust the authentication and security policies based on user context and behavior
• Chaining multiple security engines for higher security effectiveness on most critical applications and complex user context scenarios
• New ’pooling mode’ feature supporting distributed architectures to provide the best enhancements in terms of security, without compromising user experience
The company remains committed to further innovation of its application security solutions. Through continued research and development activities Rohde & Schwarz Cybersecurity is already planning the future. New product enhancements that integrate evolving standards and technologies, while harnessing the power of Cloud and Artificial Intelligence will continue to enchant the customers.
R&S Web Application Firewall 6.5 is available for immediate download from: