Contact us

Any question?
Leave us a message








You are here

Approach WAF, an innovative technology combined with extended expertise

WAF, an essential security tool

Web Application Firewalls (WAF) can monitor, detect, and block web-based attacks by inspecting the content of the traffic so as to improve the security of your web applications. They are complementary to traditional network firewalls that can only block traffic based on its origin and destination..

"We have drawn on our in-depth cyber security expertise and methodology to develop an innovative and unique WAF that provides proven effective security at limited license cost. "

Approach WAF, much more than a traditional WAF

Traditional WAFs often fail in practice due to “bad” implementation and deployment :

  • They are black boxes. They contain obscure one-size-fits-all "magic rules" that generate unexplainable false positives. This often leads to the deactivation of most of the rules that are supposed to protect the application.
  • They allow most traffic and expect you to explicitly add most of security. As a result, security is generally very limited and does not cover the full spectrum of the content.
  • They lack an integrated methodology to manage their configuration, deployment and maintenance. As a result, WAF configurations are often not in line with the applications.

Approach WAF offers a completely different and innovative approach to ensure proven effective security:

  • By default, the “deny all” rule is applied to all traffic. Security is therefore extended to the full spectrum of the content; no part could be mistakenly “forgotten”.
  • Rules are activated to allow expected traffic only. Our WAF includes many preconfigured rules that will suit most of your applications. The Approach WAF is transparent and open and can therefore be easily used with full knowledge of the purpose of such rules.
  • We have developed a fully integrated methodology to ensure proper implementation and maintenance.

Here is an highlight of our major differentiators compared to traditional commercial WAFs and the main Open Source solution:

 Logo Approach Waf
Approach WAF
Logo Approach Waf
OWASP ModSecurity
Core Rule Set
Traditional
commercial WAF's
Approach WAF Logo Attack Pattern detection
Approach WAF Logo Default "Deny all"
Approach WAF Logo Behavioural & history analysis
Approach WAF Logo Scalability (H&V)
Approach WAF LogoMulti-environment
Approach WAF Logo Transparent and open
Approach WAF LogoGood Practice enforcement
Approach WAF LogoComplete Management Framework

Approach WAF, more value for less money

The licence cost is minimal by relying on open-source technologies. You mainly pay for security expertise.
Furthermore a “deny all” philosophy translates into an immediate level of security. In other words, more security for less money.

Approach WAF, two editions for two different needs

Approach WAF is available in two versions coming with the same modules and the same security features.
The difference lies in the pre-configuration and in the customization capabilities.

 
Advanced Edition

Standard Edition
Approach WAF Logo Security Features  
Approach Security Framework
Approach Management Framework
Default "Deny all" (H&V)
Full control on white listing
   
Approach WAF Logo Deployment & Management  
Multi-environment
Redundant & Scalable
Easy 3rd party integrationt
Transparent and open
   
Approach WAF Logo Full Managed servicesOptionalOptional
  • The “Advanced Edition” is intended for datacentres and large companies. It is entirely customizable and aims to be tightly integrated in your environment with your own technologies. This version is preconfigured with the “deny all” philosophy and white listing must be explicitly activated.
  • The “Standard Edition” is a standalone virtual machine, with pre-activated security rules that will allow most common traffic. The operating system and the core components cannot be modified.

For both versions, you can subscribe to a service to have Approach managing the WAF and its evolution.

Approach WAF, from a custom implementation to a product

Approach, your cyber security partner

Discover more here

Our customers

See more