Sold by: DAS-SecurityÂ
Deployed on AWS
DAS Web Application Firewall (DAS-WAF) is equipped with five core detection
capabilities Semantic Analysis Engine, BOT Protection Engine, Threat Intelligence
Engine, Behavioral Analysis Engine, and Basic Feature Engine. By integrating
active defense with passive security measures, it can effectively identify
suspicious, known, and unknown threats. The WAF is capable of learning and
recognizing new attack patterns, adaptively adjust its defensive strategies,
achieving an exceptionally low false positive rate while providing robust
protection against zero-day attacks. It empowers users to build a comprehensive
security framework, ensuring more efficient, compliant, and stable web
application protection.
Overview
Web Application Firewall provides protection against evolving cyber threats in these ways: Website Identification: Recognizing websites within web traffic. Protocol Parsing: Analyzing the protocols used by web applications. Deep Decoding: Inspecting the deeper layers of web traffic for anomalies. Simple Traffic Model Analysis: Evaluating basic traffic models to understand normal versus abnormal behavior. These steps activate the five integrated detection engines for multi-dimensional and in-depth inspection, enabling both proactive and reactive protection of web traffic.
Features
Website Auto-Discovery- Build A Secure And Credible Digital World DAS-WAF can automatically discover Web applications within your network environment and sort out Web application asset information, including protocol types (HTTP/HTTPS, IPv4/IPv6), server IP, server port, domain name and other information. This capability provides you with a rapid and comprehensive overview of your existing web-based business assets, enabling targeted protection strategies for each identified web application. Semantic Analysis- DAS-WAF utilizes an advanced semantic analysis engine that integrates lexical, syntactic analysis, and contextual correlation to accurately detect and block web attacks. It supports detection of 13 types of semantic syntax attacks, including SQL injection, XSS, PHP deserialization, and Java code injection. By using this approach, DAS-WAF drastically reduces false positives and negatives compared to traditional regular expression-based signatures, significantly easing the burden on security administrators for rule maintenance. Behavioral Analysis- DAS-WAF uses advanced behavior analysis to precisely detect and block application-layer DDoS attacks, brute force attempts, and other automated attacks. It applies proprietary behavioral detection algorithms, evaluating combinations of URL, request headers, target IPs, and request methods to ensure accurate and efficient threat detection and blocking. Threat Intelligence- DAS-WAF integrates threat intelligence to accurately cover a wide range of malicious IP data sources, including botnet IPs, scanner IPs, proxy IPs, brute force attackers, exploit attempts, and malicious crawlers. Upon detecting malicious IP access behavior, DAS-WAF can either alert administrators or block the access, ensuring robust protection against emerging and known threats.
BOT Protection- The DAS-WAF can detect and block access from malicious bots by identifying and verifying BOT types. This helps to prevent attacks such as crawling, scanning, and brute force attacks from malicious bots, effectively protecting web applications. Cookie Protection- The DAS-WAF supports the configuration of cookie protection strategies, such as signing or encrypting cookie values, to protect against illegal cookies. It uses the HttpOnly and Secure attributes to ensure that cookies are transmitted over secure, encrypted connections.
Highlights
- Comprehensive Monitoring and Defense:DAS-WAF prevents common web attacks,such as SQL injections, XSS attacks, webshell uploads, directory traversals, and backdoors.
- Zero - Day Protection:The DAS - WAF, equipped with an intelligent engine, effectively protect the applications from zero - day threats.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
CentOs euler
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
This product supports free testing for 30 days, but refunds cannot be issued after placing an official order
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
The latest version of DAS-WAF
Additional details
Usage instructions
Launch the AMI Deploy the DAS WAF AMI as an EC2 instance in your environment. Make sure the instance can receive traffic from your application layer and is correctly configured in your VPC or security group settings.
Access the web interface Once the instance is running, open your browser and access the DAS WAF management console via the public IP address of the EC2 instance.
Activate your license (BYOL) Upload the license file provided by DAS to activate the WAF system. A step-by-step license activation wizard will guide you through the process upon first login.
Configure protection policies
Define web application protection rules
Configure IP blacklists/whitelists, rate limiting, and threat detection
Set traffic forwarding or reverse proxy modes as needed
Integrate with your web servers or load balancers
Deploy to production Once configured, you can direct application traffic through the DAS WAF instance. The system will begin filtering malicious traffic, blocking attacks, and logging security events in real-time.
Initial login (successful login will be modified) Enter username: admin, password: Instance-ID(Instance ID,For example, i-1231xxxx) If SSH has a password, you can use Instance ID
Support
Vendor support
If you have any questions, you can call our customer service hotline+86-400-6059-110, or you can send an email to 4006059110@dbappsecurity.com.cnÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.