The plans, the main opportunities, the features and technical specifications of Nemesida WAF.
General information
| WAF operation mode | IPS, IDS and combined |
| Features: |
|
| Delivery type |
|
🔗 Plan features
| Features | Light | Business | Enterprise |
| General information | |||
| Support for web servers | Nginx, Nginx Plus, Envoy proxy soon | ||
| On-premises software | yes | ||
| No artificial restrictions on traffic, RPS and the number of virtual hosts | yes | ||
| Support for community edition with limited functionality | yes | ||
| The index of protection against attacks | ~ 46.62% | up to 99.98% | |
| Installation and scaling | |||
| Support for Active-Active and Active-Passive cluster | yes | ||
| Support for fault-tolerant operation of components | yes | ||
| Support for multinode WAF installation | yes | ||
| Support for multitenancy mode installation | yes | ||
| Support for reverse proxy mode | yes | ||
| Support for deployment in a virtual environment | yes | ||
| Support for deployment in Docker containers | yes | ||
| Request processing | |||
| Checking requests for RFC compliance | yes | ||
| Deep Inspection of HTTP(s) requests | yes | ||
| Support for HTTP/2 | yes | ||
| Support for WebSockets | yes | ||
| Support for HTML5 | yes | ||
| Support for JSON | yes | ||
| Processing XML documents and SOAP requests | yes | ||
| Termination of SSL/TLS traffic | yes2 | ||
| The ability for the client to remove a temporary IP address ban using a Captcha | yes | ||
| Create custom block page | yes | ||
| Detection of attacks | |||
| Detection of attacks by the signature method Attack detection time: from 0.001 sec. |
yes | ||
| Attack detection by the AI/ML Attack detection time: from 0.07 sec. |
n/a | yes | |
| Class of blocked attacks | SQLi, RCE, OS Injection, SSTI, LDAP, NoSQL, XSS, XXE, Information Leakage, Path Traversal, Open Redirect, Web Shell, RFI/LFI, SSRF, DDoS L7, site parsing, bruteforce, flood etc. | ||
| Protection against threats of the OWASP class | yes | ||
| Blocking an individual request | yes | ||
| Protection from bots: detection of DDoS L7, bruteforce, flood and other parasitic traffic | yes | ||
| Protection based on the principle of a “black” list of IP addresses | yes | ||
| Protection against web scraping | yes | ||
| Blocking attempts to exploit zero-day vulnerabilities | using signatire method | using signatire method and machine learning | |
| Analysis of the behavioral activity of web application users | n/a | yes | |
| Blocking attempts to download viruses Attack detection time: from 0.015 sec. |
yes | ||
| API Firewall (OpenAPI, Swagger) Attack detection time: from 0.003 sec. |
n/a | yes | |
| WAF Management Interface | |||
| Managing settings using the web interface and API | yes | ||
| Role-based system access system (administrator – user) | yes | ||
| Creating a “white” list of signatures | yes | ||
| Creating personal blocking rules | yes | ||
| Flexible filtering of incidents by specified criteria | yes | ||
| Manual and automatic aggregation of incidents by attack type, parameter name, URL, IP address | yes | ||
| Setting up reporting to get summary information on security events (attack schedule, detailed reports in PDF and CSV formats) | yes | ||
| Email notifications about attacks | yes | ||
| Creating virtual patching rules | Manually | Automatically and manually | |
| Vulnerability detection and attack verification using the built-in dynamic analyzer (Nemesida WAF Scanner) | n/a | yes | |
| Additional features | |||
| Getting extended IP address information1 | yes | ||
| Centralized collection of Nemesida WAF component operation events | yes | ||
| Centralized collection of information on detected attacks/anomalies | yes | ||
| The ability to send operation events of Nemesida WAF components to third-party systems | yes | ||
| Getting information about Nemesida WAF component operation events using the web interface and API | n/a | yes | |
| Getting information about detected attacks/anomalies using the web interface and API | yes | ||
| Integration with third-party TI-systems (Threat Intelligence) based on black/white lists |
yes | ||
| Integration with third-party AntiDDoS systems for synchronization of black/white lists | yes | ||
| Finding the flaws of Web applications using Nemesida WAF Scanner | n/a | yes | |
1 Obtaining extended information about the IP address allows you to determine the geographical location based on the IP address, check the presence of the address in the lists of proxy servers: Tor, VPN, Mobile or hosting sites, etc. The functionality is included in the software price and does not require the connection of third-party databases.
2 SSL termination is configured by means of a web server.
🔗 Nemesida® AI – a machine learning module
| Accuracy of identification of the attacks | Nemesida AI is about 53.04%* more efficient than signature analysis. |
| Machine learning method | The Nemesida WAF operation is based on classical machine learning algorithm «Random Forest», that is able to detect attack with minimum response time, nearly without false positives. |
| Hardware resource requirements | Unlike training models using neural networks, classical machine learning algorithms do not require much processing power, so the processor of the Intel Core i3 family or higher will be sufficient for calculations. |
| Additional features |
|
* Test result of Nemesida WAF using only signature analysis and AI/ML (detection accuracy: 47.2% and 99.78%, respectively). The testing was performed using the specialized WAF Bypass Tool. Based on the test results, the use of machine learning improves detection accuracy by 52.58%.
The tables above clearly show how the use of machine learning increases the accuracy of attack detection. Using only the signature method for detecting attacks allows you to block 47.2% of attacks, and using machine learning increases this figure to 99.78%.
The tool sends over 2000 requests with various payloads to a WAF-protected web application and collects statistics, which it displays as a table of results.
1 Includes Nginx, the Nemesida WAF dynamic module and the Nemesida AI MLA machine learning agent.
- Nemesida WAF dynamic module carries out a signature analysis of requests coming to the server and, based on the behavioral models built by Nemesida AI MLC, makes a decision to block them or transfer them to other modules.
- Nemesida AI MLA machine learning module applies behavioral models built by Nemesida AI MLC to requests received from the dynamic module and sends a blocking command.
- Nemesida AI MLC machine learning module is designed to build behavioral models and detect other anomalies (for example, Brute-force, Flood, DDoS L7).
- The Nemesida WAF API is designed to receive information about attacks and identified vulnerabilities, as well as transmit information about blocked requests and the results of the Nemesida AI and Nemesida WAF Scanner modules to the PostgreSQL DBMS.
- Nemesida WAF Cabinet is designed for visualization and analysis of the events of the components from the PostgreSQL DBMS, management of Nemesida WAF settings, management of OpenAPI query schemes, configuration of the use of behavioral models built and applied by the Nemesida AI module, as well as systematization of information about anomalies and identified vulnerabilities.
- The Nemesida WAF Scanner Vulnerability Scanner is designed to detect vulnerabilities in a protected web application.
Pricing
| Price (annual subscription) |
Plans | ||
| Light | Business | Enterprise | |
| Basic license | $4,900 | $15,600* | ** |
| Additional license | $1,000 | $3,300* | ** |
| Additional behavioral model | n/a | $1,400* per model |
** |
| The number of free behavioral models included in the plan | n/a | 1 | 5 |
| Basic technical support |
Included in plan price (by email) |
||
* 30% discount on renewal of the annual subscription) from the current cost of the plan at the time of renewal.
** The price is available on request.
Try Nemesida WAF for free
Nemesida WAF is well-scalable, does not have any limitations of virtual hosts or traffic and auxiliary modules such as vulnerability scanner, virtual patching and cabinet will make your work with Nemesida WAF easy and transparent. Now it is not required to make exclusion rules – machine learning module will adapt to any web application. You can inspect incidents and enjoy the work with Nemesida WAF. Request a fully-featured trial by sending request to info@nemesida-waf.com.