UserGate WAF (Web Application Firewall) is based on a proprietary web traffic analysis engine developed by UserGate specialists without the use of open-source components. UserGate WAF has FSTEC certificate No. 3905.
The product is delivered as a virtual machine image for local deployment and is compatible with dozens of popular domestic and foreign hypervisors. The image includes the UGOS operating system and UserGate WAF software, as well as built-in rule databases for protecting popular applications and protecting against threats from the OWASP Top-10 list. The databases are updated in real time, regardless of software updates, at the moment when UserGate experts find a new threat and create a rule to counter it.
The UserGate WAF solution is designed for local deployment and use to protect sites in web applications based on the customer's own infrastructure. The company's immediate plans include the release of UserGate WAF hardware and software systems. The company explained:
In the early stages of development, it was determined that the product would be a stand-alone solution, not one of the NGFW modules. This decision was made for several reasons. First of all, web application protection is relevant not for everyone, but only for those companies that have web applications and sites with incoming and outgoing HTTP(S) traffic in their infrastructure.