Nemesida WAF OnPrem Plans and Features
The plans, the main opportunities, the features and technical specifications of Nemesida WAF.
General information
| Active users: | 400+ |
| Features: |
|
| WAF operation mode | IPS, IDS and combined |
| Delivery type |
|
| Demonstration stand | demo.lk.nemesida-waf.com |
🔗 Plan features
| Features | Light | Business | Enterprise |
| General information | |||
| On-premises software | yes | ||
| No artificial restrictions on traffic, RPS and the number of virtual hosts | yes | ||
| Support for community edition with limited functionality | yes | ||
| The index of protection against attacks | ~ 46.62% | up to 99.98% | |
| Installation and scaling | |||
| Support for Active-Active and Active-Passive cluster | yes | ||
| Support for fault-tolerant operation of components | yes | ||
| Support for multinode WAF intallation | yes | ||
| Support for multitenancy mode installation | yes | ||
| Support for reverse proxy mode | yes | ||
| Support for deployment in a virtual environment | yes | ||
| Support for deployment in Docker containers | yes | ||
| Request processing | |||
| Checking requests for RFC compliance | yes | ||
| Deep Inspection of HTTP(s) requests | yes | ||
| Support for HTTP/2 | yes | ||
| Support for WebSockets | yes | ||
| Support for HTML5 | yes | ||
| Support for JSON | yes | ||
| Processing XML documents and SOAP requests | yes | ||
| Termination of SSL/TLS traffic | yes** | ||
| Detection of attacks | |||
| Detection of attacks by the signature method | yes | ||
| Attack detection by the AI/ML | n/a | yes | |
| Class of blocked attacks | SQLi, RCE, OS Injection, SSTI, LDAP, NoSQL, XSS, XXE, Information Leakage, Path Traversal, Open Redirect, Web Shell, RFI/LFI, SSRF, DDoS L7, bruteforce, flood etc. | ||
| Protection against threats of the OWASP class | yes | ||
| Blocking an individual request | yes | ||
| Protection from bots: detection of DDoS L7, bruteforce, flood and other parasitic traffic | yes | ||
| Protection based on the principle of a “black” list of IP addresses | yes | ||
| Blocking attempts to exploit zero-day vulnerabilities | n/a | yes | |
| Analysis of the behavioral activity of web application users | n/a | yes | |
| API Firewall (OpenAPI, Swagger) |
n/a | yes | |
| WAF Management Interface | |||
| Managing settings using the web interface and API | yes | ||
| Role-based system access system (administrator – user) | yes | ||
| Creating a “white” list of signatures | yes | ||
| Creating personal blocking rules | yes | ||
| Flexible filtering of incidents by specified criteria | yes | ||
| Manual and automatic aggregation of incidents by attack type, parameter name, URL, IP address | yes | ||
| Setting up reporting to get summary information on security events (attack schedule, detailed reports in PDF and CSV formats) | yes | ||
| Email notifications about attacks | yes | ||
| Creating virtual patching rules | Manually | Automatically and manually | |
| Verification of an attack using a built-in dynamic scanner | n/a | yes | |
| Additional features | |||
| Getting extended IP address information* | yes | ||
| Centralized collection of Nemesida WAF component operation events | yes | ||
| Centralized collection of information on detected attacks/anomalies | yes | ||
| The ability to send operation events of Nemesida WAF components to third-party systems | yes | ||
| Getting information about Nemesida WAF component operation events using the web interface and API | n/a | yes | |
| Getting information about detected attacks/anomalies using the web interface and API | yes | ||
| Integration with third-party TI-systems (Threat Intelligence) based on black/white lists |
yes | ||
| Integration with third-party AntiDDoS systems for synchronization of black/white lists | yes | ||
| Finding the flaws of Web applications using Nemesida WAF Scanner | n/a | yes | |
* Obtaining extended information about the IP address allows you to determine the geographical location based on the IP address, check the presence of the address in the lists of proxy servers: Tor, VPN, Mobile or hosting sites, etc. The functionality is included in the software price and does not require the connection of third-party databases.
** SSL termination is configured by means of a web server.
🔗 Nemesida® AI – a machine learning module
| Accuracy of identification of the attacks | Nemesida AI is about 53.04%* more efficient than signature analysis. |
| Machine learning method | The Nemesida WAF operation is based on classical machine learning algorithm «Random Forest», that is able to detect attack with minimum response time, nearly without false positives. |
| Hardware resource requirements | Unlike training models using neural networks, classical machine learning algorithms do not require much processing power, so the processor of the Intel Core i3 family or higher will be sufficient for calculations. |
| Additional features |
|
* Test result of Nemesida WAF using only signature analysis and AI/ML (detection accuracy: 46.62% and 99.66%, respectively). The testing was performed using the specialized WAF Bypass Tool. Based on the test results, the use of machine learning improves detection accuracy by 53.04%.
The result of testing Nemesda WAF
Diagram of Nemesida WAF modules interaction
1 Includes Nginx, the Nemesida WAF dynamic module and the Nemesida AI MLA machine learning agent.
- Nemesida WAF dynamic module carries out a signature analysis of requests coming to the server and, based on the behavioral models built by Nemesida AI MLC, makes a decision to block them or transfer them to other modules.
- Nemesida AI MLA machine learning module applies behavioral models built by Nemesida AI MLC to requests received from the dynamic module and sends a blocking command.
- Nemesida AI MLC machine learning module is designed to build behavioral models and detect other anomalies (for example, Brute-force, Flood, DDoS L7).
- The Nemesida WAF API is designed to receive information about attacks and identified vulnerabilities, as well as transmit information about blocked requests and the results of the Nemesida AI and Nemesida WAF Scanner modules to the PostgreSQL DBMS.
- Nemesida WAF Cabinet is designed for visualization and analysis of the events of the components from the PostgreSQL DBMS, management of Nemesida WAF settings, management of OpenAPI query schemes, configuration of the use of behavioral models built and applied by the Nemesida AI module, as well as systematization of information about anomalies and identified vulnerabilities.
- The Nemesida WAF Scanner Vulnerability Scanner is designed to detect vulnerabilities in a protected web application.
Pricing
| Price (annual subscription) |
Plans | ||
| Light | Business | Enterprise | |
| Basic license | $3,800* | $12,000* | ** |
| Additional license | $770 | $2,500 | ** |
| Additional behavioral model | n/a | $300 per model |
** |
| The number of free behavioral models included in the plan | n/a | 1 | 5 |
| Basic technical support |
Included in plan price (by email) |
||
* 30% discount on renewal of the annual subscription) from the current cost of the plan at the time of renewal.
** The price is available on request.
Try Nemesida WAF for free
Nemesida WAF is well-scalable, does not have any limitations of virtual hosts or traffic and auxiliary modules such as vulnerability scanner, virtual patching and cabinet will make your work with Nemesida WAF easy and transparent. Now it is not required to make exclusion rules – machine learning module will adapt to any web application. You can inspect incidents and enjoy the work with Nemesida WAF. Request a fully-featured trial by sending request to info@nemesida-waf.com.