Being developed on modern architecture it tends to works on both and even in a hybrid cloud as well.
Prophaze WAF can be onboarded in just 5 minutes in cloud WAF and can be installed in 1 hour in an on-prem mode.
As it supports cloud native applications and purely works as software defined WAF, leaves many seen, unseen complexities behind, which makes it Next Gen WAF.
Yes it supports both.
Generally, to consider a WAF, majorly it encapsulates two parameters, one product cost based on number of applications (FQDN) and second bandwidth price. And it works in subscription model as of now.
Yes, not only SIEM integrations but any kind of tools integration, whether related to database or open source tools.
There is no limitation, it can seamlessly pillar to endless applications at the same time, because of its architecture.
Yes Prophaze WAF provides Multi tenant Dashboard, from where real time reports can be generated.
Yes, it supports a good wealth of customizations.
It depends on the applications, minimum 7 days and can go upto 14 days.
This is pure SD WAF, with no single iota of hardware involvement.
Its subjected to the applications and bandwidth, majorly its paid one.
Installation Questions:
Onboarding of SAAS happens in 6 clicks, where customer registers himself and can get access to the dashboard, where with some minimal pre-requistes, onboarding happens. Customer need to have a DNS access for this.
Customer is asked for 2-3 VMs depending on the capacity and then we put our instances deployed on that.
Customer should have access to DNS eg. If application is hosted on AWS then Route53 access would be required to perform CName change OR Arecord change, where a certain value is provided by prophaze to perform IP masking.
So for On prem, in 16 GB, 4 vCPUs it supports 800 requests/sec, if someone is asking for 1000 requests/sec or more then it then capacity planning can be performed.
DDos Questions:
Yes it supports all 3 layers for DDos protection.
For Layer 3/4 it can support upto 17tbps.
Yes AI/ML rate limiting is available where, it can rate limit the bot attacks and allows only genuine requests at the customer servers.
Bot Protection Questions:
BotCry V 2.0 is fully capable and loaded with complete arms and ammunitions to handle bot attacks and provides complete protection, not just management.
Yes it protects from all sort of bot attacks.
This mechanism is completely automated, where with the help of TSV(Threat Score Value), allowlisting or disallowlisting of bots happens.
Yes it is enabled with both the challenges, to block those bots which act as a humans or those humans which try to function as a bots.
API Security Questions:
Yes Prophaze WAF provides complete API security, where it can be integrated with Swagger file also, so that developers can push their instructions into it to make it more customised.
Yes it operates in API gateway
General Questions can be asked:
We are listed in Kuppinger Cole report as a innovation leader Jul 22’, which is equivalent Gartner Magic Quadrant , we are seeing us in next 1-1.5 years there.
All sort of Https or https application it supports, APIs, CRM, ERP, which has a url and can be accessed through browser, whether internally through VPN or externally through internet.
Prophaze WAF holds multitenant dashboard, where complete spectrum of controlling the activities can be performed.
Yes, manage service option is available and can be discussed widely.
As its a application Aware WAF, managing of OWASP top 10 or pre configuration of rules happens automatically.
Prophaze WAF supports all cloud providers, majorly we are into AWS, Azure, GCP and Digital Ocean.
As it holds the capabilities to create one to one ML models after analyzing the particular application traffic, so this not only sits at the gateway but can vouch inside the application to know its poor built in security and other factors.
It supports, SAAS, Customer Cloud, Customer Data Center and Kubernetes deployment for micro service applications through ingress controller.
No TCO is low, as there is one time price, no different cost for support and new rules.
Version release every 4 months, small updates every week, mid level signatures and CVEs updates every month.
Yes its complete pure AI/ML product.
RASP and WAAP
Underlying benefits are auto scaling, cost effective, automation in workflow and very seamless works in HA environment.
Across globe prophaze WAF has around 55 virtual POPs and 24 itself in India.
Anyone who is managing there critical data or business online, would be requiring this.