Review of the pricing, the main opportunities, the features and technical specifications of Nemesida WAF.

General information

Active users: 400+
Operation mode IPS, IDS, Combined
Delivery type
Demonstration stand demo.lk.nemesida-waf.com
(login: demo@pentestit.ru / password: pentestit)

Pricing and options

Features
Light Business Enterprise*
The type of attacks blocked SQLi, RCE, OS Injection, SSTI, LDAP, NoSQL, XSS, XXE, Information Leakage, Path Traversal, Open Redirect, Web Shell, RFI/LFI, SSRF, Account Takeover, Brute-force, abuse of SMS functionality, DDoS L7 etc.
Scalability and fault tolerance: supports Active-Active and Active-Passive clustering Yes
Bot protection: detection of DDoS L7, account takeover (ATO), flooding and other malicious traffic Yes
Detecting attacks by signature method Yes
Attack detection by the machine learning module Yes
Blocking attempts to exploit zero-day vulnerabilities Yes
API Firewall
(OpenAPI, Swagger)
Yes
Vulnerability detection using Nemesida WAF Scanner Yes
Generating of virtual pathching rules Manually Manually and automatically
Method of storing behavioral models In the cloud Within the client’s network perimeter
Number of behavioral models included in the basic license 1 5
How to manage settings Cloud web application Cloud web application and API Nemesida WAF Cabinet and Nemesida WAF API
Management of settings using a cloud web application Yes
Management of settings using a cloud API Yes
Basic technical support
(basic consultations, Nemesida WAF bug fixes)
Included in the price
(email, phone)
Extended technical support
(extended consultations, configuration, integration, Nemesida WAF maintenance)
175$/hour
(email, phone, internet communications)

* When using the Enterprise plan, component configuration, storage and management of behavioral models are performed within the network perimeter.

License renewal (annual subscription) is carried out with a 30% discount from the cost of the plan and is calculated from the current cost at the time of renewal. For more information, please contact us by email.

Diagram of Nemesida WAF modules interaction

1 Includes Nginx, the Nemesida WAF dynamic module and the Nemesida AI MLA machine learning agent.

  • Nemesida WAF dynamic module carries out a signature analysis of requests coming to the server and, based on the behavioral models built by Nemesida AI MLC, makes a decision to block them or transfer them to other modules.
  • Nemesida AI MLA machine learning module applies behavioral models built by Nemesida AI MLC to requests received from the dynamic module and sends a blocking command.
  • Nemesida AI MLC machine learning module is designed to build behavioral models and detect other anomalies (for example, Brute-force, Flood, DDoS L7).
  • The Nemesida WAF API is designed to receive information about attacks and identified vulnerabilities, as well as transmit information about blocked requests and the results of the Nemesida AI and Nemesida WAF Scanner modules to the PostgreSQL DBMS.
  • Nemesida WAF Cabinet is designed for visualization and analysis of the events of the components from the PostgreSQL DBMS, management of Nemesida WAF settings, management of OpenAPI query schemes, configuration of the use of behavioral models built and applied by the Nemesida AI module, as well as systematization of information about anomalies and identified vulnerabilities.
  • The Nemesida WAF Scanner Vulnerability Scanner is designed to detect vulnerabilities in a protected web application.
Hardware requirements*

For the effective operation of Nemesida WAF components, it is recommended to use servers that have the following technical characteristics:

Server for the Nemesida WAF dynamic module and Nemesida AI MLA
analyses and redirects unblocked requests to the server with the web application
Processor 4 cores x 2.4 GHz
RAM 6 GB
Available disk space 10 GB
Server for the Nemesida AI MLC
is used to build behavioral models and analyse all incoming requests with their help, brute-force attacks, flood and DDoS L7 attacks
Processor 12 cores x 2.4 GHz
RAM From 6 GB when building behavioral models using Nemesida AI MLS cloud server
From 48 GB when building behavioral models on a local server
Available disk space 25 GB
Server for the Nemesida WAF API, Nemesida WAF Cabinet and PostgreSQL DBMS
used to store and visualize identified anomalies and flaws in a web application, as well as to control the behavior of a machine learning module
Processor 4 cores x 2.4 GHz
RAM 16 GB
Available disk space 25 GB

* For loads up to 10k RPS.

Nemesida AI – a machine learning module
Accuracy of identification of the attacks Nemesida AI about 30% more efficient than signature analysis.
Machine learning method The Nemesida WAF operation is based on classical machine learning algorithm «Random Forest», that is able to detect attack with minimum response time, nearly without false positives.
Hardware resource requirements Unlike training models using neural networks, classical machine learning algorithms do not require much processing power, so the processor of the Intel Core i3 family or higher will be sufficient for calculations.
Additional features
  • Adaptation of WAF to a mutable application
  • Automatic creation of behavioral models
  • Detection of anomalies and assessment of their severity level
  • Identification of new signs of attacks, including the identification of «zero day» attacks
  • Behavioral models management interface (additional training of models)
  • Ability to change the training period of behavioral models
  • Additional training of models using a backup copy of the training sample
Additional Information
  • Blocking an individual request
  • Temporarily blocking requests from the source by IP address
  • No artificial restrictions on traffic, RPS and the number of virtual hosts
  • Validate HTTP Transactions for RFC Compliance and Best Practices
  • Categorization by the type of activity (type of attack) of sources
  • Detection of bots based on their traits and behavioral analysis
  • Creation of signatures and their exclusions based on a set of criteria (for example: method, URL, parameter value, headers) and regular expressions
  • Using machine learning to minimize false positives and detect unknown attacks, easy management of the learning or retraining process via a web interface
  • Support for WebSockets, XML, JSON
  • Integration with ClamAV antivirus, SIEM systems and firewalls
  • Analysis of web application vulnerabilities using Nemesida WAF Scanner
  • Free version with limited functionality Nemesida WAF Free with basic protection of web applications from OWASP attacks based on signature analysis
  • Own GeoIP base

Filtering and notifications

  • Comfortable in use Nemesida WAF Cabinet for dealing with incidents
  • Flexible filtering of security log entries by specified criteria
  • Manual and automatic aggregation of security log entries by attack type, parameter name, URL, IP address
  • Attack verification using the built-in dynamic scanner
  • Automatic aggregation of events with intense character
  • Possibility of setting up reporting for obtaining summary information about safety events (attack timeline, detailed reports in PDF and CSV format)
  • Existence of the interface with information on network loading of WAF
  • The recorded events contain inquiry in full (entirely)
  • The recorded events contain the description of the worked rule of security policy
  • Export and import of the security event log in full amount
  • E-mail notifications

Try Nemesida WAF for free

Nemesida WAF is well-scalable, does not have any limitations of virtual hosts or traffic and auxiliary modules such as vulnerability scanner, virtual patching and cabinet will make your work with Nemesida WAF easy and transparent. Now it is not required to make exclusion rules – machine learning module will adapt to any web application. You can inspect incidents in Nemesida WAF Cabinet and enjoy the work with Nemesida WAF.