NetScaler Web Application and API Protection

FAQ

December 15, 2023

Contributed by:

This section provides question and answers related to CWAAP functionalities.

What is NetScaler Web Application and API Protection?

NetScaler Web Application and API Protection is a cloud service compatible from anywhere for applications to be hosted. NetScaler Web App Firewall solution integrated with DDoS mitigation service, the combination provides a comprehensive, layered protection stack that proactively prevents bot-based volumetric attacks, and threats that target the application layer, such as SQL, cross-site scripting, CSRF, session hijacking, data exfiltration and zero-day vulnerabilities.
What does Web Application Firewall do in the CWAAP service?

NetScaler Web App Firewall monitors, filters, or blocks inbound and outbound web application traffic that has security attacks.
What does CWAAP DDoS protect?

CWAAP DDoS protection is a DDoS mitigation service. CWAAP scrubs malicious Internet traffic, allowing clean, legitimate traffic to flow to your infrastructure.
What is a distributed denial-of-service (DDoS) attack?

A distributed denial-of-service (DDoS) attack is when multiple entities are operating together to attack one target. DDoS attackers often use the use of a botnet—a group of hijacked internet-connected devices to carry out large scale attacks. Attackers take advantage of security vulnerabilities to control numerous devices using command and control software.
What is the goal of a DDoS attack?

To exhaust network bandwidth, server resources, or applications in such a way that legitimate users cannot access a site. The purpose for such attacks, however, can vary widely.
What are the common Web Application Firewalls (wAF) techniques of Layer 7 attacks?
- Cross-site scripting (cross-site scripting) is an injection attack in which an attacker injects malicious script into a web application.
- Cross-site request forgeries (CSRF) trick end users into running state-change actions on a web app with which they are authenticated. Such attacks can instigate actions such as transferring funds or changing email addresses.
- SQL injections are well-known exploits in which an SQL data is inserted into the query response from a client.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

FAQ

December 15, 2023

Contributed by:

December 15, 2023

Contributed by:

FAQ

In this article