XcellSecure | Cirtix WAF

Protect your apps and APIs across multi-cloud.

Get robust security with a proven web app firewall.

Your applications and APIs are your most valuable—and vulnerable—assets.

7 Days Free Trial Schedule Demo Take Tour Datasheet

Threat Blocking & Privacy Features

Collective intelligence to identify new threats
Reputation-based threat protection
Comment spam protection
Block or challenge visitors by IP address
Block or challenge visitors by AS number
Block or challenge visitors by country code
User agent blocking
Zone lockdown
Security level configuration
Differentiate between humans and bots using Tor

use cases

Protect websites and applications


The primary function of a WAF is to protect applications that communicate over HTTP, including websites, API endpoints, and serverless functions.

WAFs are the first layer of defense for the web. They can detect and block known and unknown attacks, lock down insecure systems, prevent data leaks, control access to URLs and ports, and mitigate the risk of inadequately configured servers.

A WAF provides all the benefits of a regular network firewall and more. It can detect advanced attacks such as the ones described in the OWASP Top 10 Threats list, enforce security policies, and ensure SSL security mechanisms

Comply with security and regulatory standards


While threat prevention is the primary use case for a WAF, it’s not by any means the only one. Any website that processes or stores credit card data must comply with the Payment Card Industry Data Security Standard (PCI-DSS). Non-compliance can have grave consequences; breaches or credit card frauds in uncertified systems are heavily fined.

PCI-DSS mandates that websites must pass a security assessment (Requirement 6.6). The requirement can be fulfilled either by a code review—which can be expensive—or by setting up a WAF. Adopting a WAF can be the quickest and most efficient way to comply with regulatory requirements.

Credit card companies are not the only ones demanding increased security levels; other regulatory standards such as HIPPA and SOX have similar requirements.

Control bots and prevent DDoS attacks


Bots are taking over. A third way in which WAFs can help us is by controlling their access to our systems.

On the Internet, there are good bots and bad bots. The good ones are fundamental for keeping things working. The bad ones will try to scrape content from websites, send spam, steal information, install malware, abuse APIs, brute force passwords, or initiate a DDoS attack.

Bots can cause damage by amplifying the effect of exploits or by over-utilizing resources and causing unexpected costs. NixCraft learned this the hard way when they started suffering from spambots. Fortunately, implementing StackPath’s WAF nipped the problem in the bud. StackPath’s WAF can block repeated access from bots with fine-grained rate limits and CAPTCHA rules.

Patch vulnerabilities


No code is perfect. Despite the best efforts to secure an application, there will always be some chance of vulnerabilities sneaking into production. When that happens, it can take some time until a solution is found and a patch is released.

The situation is even worse when a third party owns the code. Some vendors can take several days or weeks to release a patch. For instance, WordPress, the most popular CMS platform in the world (and the most hacked), releases security patches on a monthly schedule. Some of its plugins can have even more infrequent release schedules.

Unmaintained code is another problem altogether. When the source is no longer available, there is no way to patch it. In such cases where there is no suitable alternative, a WAF can be the only way of securing and locking down these systems.

Detect intrusions in real-time


Administrators and security teams have to keep track of traffic in real-time to detect attacks and act accordingly. On distributed systems, this is difficult because logs are scattered among many heterogeneous interfaces. Oftentimes intrusions are only detected hours or days after taking place.

A WAF acts as a central point of logging and metrics collection, with a particular focus on security. Administrators can monitor traffic, detect attacks in real-time, and take appropriate actions. WAF logs are also vital for diagnosing and assessing previous attack attempts.

WAN optimization


Since WAFs can inspect and filter HTTP packets, organizations can set up rules to allow or block connections based on their content. For example, a WAF can prevent certain types of files or content types from passing through the wires.

WAFs can be configured to serve differentiated content based on the originating country, too. For example, to serve geographically-dependent content, you can implement regional locking or comply with export restrictions.

THE OPEN WEB APPLICATION SECURITY PROJECT (OWASP)

Citrix WAF provides protection against the OWASP Top 10

b1

SQL Injection

b2

Security Misconfiguration

b3

Cross Site Scripting

b4

Insecure Direct Object References

b5

Sensitive Data Exposure

b6

Broken Authentication & Session Management

b7

Missing Function Level Access Control

b8-2

Cross Site Request Forgery (CSRF)

b9

Components with known vulnerabilities

b10

Un-validated Redirects & Forwards

Meet governance and compliance requirements, including PCI-DSS

Defend your applications and APIs against OWASP top 10 threats and zero-day attacks.

block-2

Citrix Web App Firewall threat protection includes,
but is not limitedto:

SQL injection
Cross-site scripting
Cookie tampering/stealing
Form validation and protection
Virtual Patching
JSON payload inspection
AI/ML Based zero-day attack protection
Bot Management
Centralized controller
Detailed Analytics
SIEM Integrations
API Security: Rate Limit, Auth, Threat Protection
Data loss prevention
DoS protection
PCI-DSS compliance verification
Signature and behavior-based protections
HTTP and XML reply
request format validation

79% of global networks are compromised at least once by cyberattacks.

Increase your security efficacy to reduce and manage risk.

38% of organizations with multi-cloud environments say consistent security policies are important in reducing risk of security breaches.

See how Citrix ADC on AWS can help you enforce consistent security policies.

security

Web Application Firewall

Fight web attacks in seconds without slowing down your website

Multi-Cloud Holistic Security Framework

Xcellhost offers a single source of control for the security of websites, applications, and APIs, hosted across multiple cloud environments.

Built for Performance

Our web application firewall sits on the same Anycast network that powers our global CDN, HTTP/2, and web optimization features.

Affordable, flat pricing

Xcellhost will never bill you for bandwidth spikes. We charge a flat rate based on your plan, so you can rest easy.

Automatic WAF Updates

When we find threats that apply to a large portion of our users, we automatically apply WAF rules

FREQUENTLY ASKED QUESTIONS

At times, Azure can be a very complicated platform. It can take a while to understand the entire platform comprehensively. Your IT team may need to spend hours to understand Azure completely. There are wide range of options available for Azure deployment, which can overwhelm a first-time user. Also, the Azure platform is unmanaged.

Our Microsoft-certified experts at XcellHost will help you understand the Azure platform, guiding you with all the technical nuances that come with Azure management. We will provide server management, platform management, and instance management that includes patching, OS hardening, 24/7 monitoring, automatic backup and updates, disaster recovery etc.

In short: We take care of your Azure, so that you can take care of your main business.

Even if you purchase Azure directly from Microsoft, there is a lot of technical expertise required for setup, deployment and operations of Azure. Managing Azure is very complicated without proper support. XcellHost takes care of everything from beginning to the end, leaving you completely relieved.

We are a Microsoft-certified Gold Partner with more than 14 years of experience in the industry. Many of our engineers have worked with Microsoft in the past, so you can be very sure of getting the excellent value out of it. When you sign-up with XcellHost, you don’t pay anything additional for the infrastructure. Your pricing remains the same as Microsoft.

Managed Azure Basic:

1. Basic 24/7 Monitoring

2. 1 Hour/Month Support

3. No OS-Related Service Monitoring

4. No I/O Monitoring Available

5. No Managed Backup Available

6. No Health Checks Available

Managed Azure Advanced:

1. Advanced 24/7 Monitoring

2. 2 Hour/Month Support

3. OS-Related Service Monitoring

4. Read/Write I/O Monitoring Available

5. Managed Backup Available

6. Health Checks Available

Note: All our plans include 24/7 support via phone, chat and e-mail.

XcellHost will be a single point of contact for all your Azure requirements. We have a dedicated team working round-the-clock to provide 24/7 support via email, phone or chat. We typically respond within an hour of raising ticket. Some cases that require attention from our engineers can take upto 24 hours. In very rare cases which require escalation to Microsoft, it may take a little longer.

Apart from our impressive track record in managed cloud services and round-the-clock support, we claim to have the lowest prices in the market.

We are Microsoft Partners with Gold competency for “Small and Midmarket Cloud Solutions” along with Silver competency in “Cloud Platform” and “Cloud Productivity.” With more than 10,000 installations spanning across 90+ countries,XcellHost is a force to reckon with in the cloud industry.

Feel free to contact us anytime:

Email: 

Related Products & Services

Business email

Business Email

Our Business Email package comes with a storage space of 5GB per account. This is dedicated to file storage and also backs up all your mails on our state of the art infrastructure, making sure you never experience a loss of mails

Microsoft Integration_1

Microsft 365

Includes Office 365, Windows 10 & Enterprise Mobility + Security. Learn More Now. Trusted & Secure. Secure Cloud Service. Intelligent Security. Built For Teamwork. Achieve More Together.

Email signature

E-mail Signatures

Microsoft Office 365, Exchange Server and G Suite solutions for email signatures, archiving, email utilities & more.