Contents x
    Web Protection Capabilities and Overview
    • 11 Sep 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Web Protection Capabilities and Overview

    • Updated on 11 Sep 2023
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    About this Article
    This article provides an introduction to VSP Web Protection and its Workflow.

    VSP Web protection stops known and unknown, zero-day, memory, fileless, file-based attacks from infecting workloads. It protects workloads from zero-days and other unknown attacks. Refer Compatibility Matrix to view 
    1. Supported Application Server Technologies
    2. Supported Web Server Versions
    3. Configurable Vulnerabilities for which VSP protection is desired

    Apart from workload protection, the VSP-Web component deployed on Web servers is “language stack independent”, providing greater compatibility with different Web servers. Click here for more information about Web Protection on Web Server.

    Web Protection monitors user provided inputs, the execution of inputs and the application response with complex HTTP filtering, interpreter syntax mapping and strict runtime controls to detect and prevent  attacker-provided inputs to a web application.

    • Web Application and API Protection for attacks coming via http/https channel
    • Detects OWASP Top 10 Attacks on protected web applications using deep instrumentation of applications frameworks and/or web servers
    • Blocks Web-based attacks by examining the HTTP payloads and resulting transactions


    Workflow

    The workflow at a high level is provided below:

    1. CMS Application configuration - This is covered as part of the Installation process:
      1. VM - CMS applications are auto-discovered with the Probes are associated with them. The security configuration must be performed for the Application processes
      2. Container - CMS application must be created and configured as described here
      3. Application Server type enable Web Protection 
      4. Web Services type protects Web Protection on Web Servers. Ensure that Web Profile is also configured
      5. Click here to view the differences between Application Server and Web Server functionality
    2. Secure the application in the CMS
    3. Monitor the application
    4. Maintenance - Click here for more information about the upgrade scenarios



    Was this article helpful?
    What's Next