UserGate WAF (Web Application Firewall) is based on a proprietary web traffic analysis engine developed by UserGate specialists without the use of open-source components. UserGate WAF has FSTEC certificate No. 3905.
The product is delivered as a virtual machine image for local deployment and is compatible with dozens of popular domestic and foreign hypervisors. The image includes the UGOS operating system and UserGate WAF software, as well as built-in rule databases for protecting popular applications and protecting against threats from the OWASP Top-10 list. The databases are updated in real time, independently of software updates, the moment UserGate experts find a new threat and create a rule to counter it.
The UserGate WAF solution is designed for local deployment and use to protect websites in web applications based on the customer's own infrastructure. The company plans to release UserGate WAF hardware and software systems in the near future. The company explained:
In the early stages of development, it was determined that the product would be a standalone solution, not one of the NGFW modules. This decision was made for several reasons. First of all, web application protection is relevant not for everyone, but only for those companies that have web applications and websites with incoming and outgoing HTTP(S) traffic in their infrastructure.