Multiple Access Methods
- Supports quick access to WAF services without any application adjustment, and provides quick binding to Tencent Cloud CLB to perform bypass detection and traffic cleansing, which can separate business request forwarding from security protection.
- Supports access to WAF services through CNAME, hiding your real server and forwarding trusted traffic to the real server for Tencent Cloud and non-Tencent Cloud users.
- Supports cross-region deployment of cluster protection resources, dynamic scaling, and on-demand usage to avoid redundancy and single points of failure.
Protection From the AI Engine and Rule Engine
- The security rule engine protects your business against the OWASP top 10 attacks, including SQL injection, unauthorized access, cross-site scripting (XSS), cross-site request forgery (CSRF), and command line injection. WAF is also powered with AI defense capabilities to enable continuous learning through cross-validation and accurately and effectively capture common web attacks, zero-day attacks, and other new unknown attacks.
- WAF continuously learns the characteristics of massive business data to generate business-oriented personalized protection policies and avoid false positives. You can use the AI engine to handle false positives and false negatives to improve operation efficiency.
- Tencent United Security Laboratory provides outstanding security protection capabilities for Tencent Cloud. WAF's protection systems are continuously upgraded by the dedicated protection team 24/7, building up cutting-edge protection systems for your website.
Bot Behavior Management
- With the AI-based behavior analysis engine, this feature realizes real-time session tracking, and efficient detection of malicious bots based on the matching of behavior models and behavior labels using traffic profile.
- Provides more than 1,000 known bot types to quickly set up protection policies.
- Provides crawler and IP intelligence features to quickly identify bot behaviors.
- Provides features of protocols and over 50 sessions to define protection policies for various scenarios.
- Provides detailed reports and statistics of known, unknown and custom bot types to quickly locate malicious bots and defend your website against them.
Intelligent Protection Against CC Attacks
- Intelligently generates and applies protection policies to defeat attacks and blocks high-frequency access requests in real time to block attacker IPs based on the real server’s exceptional response such as timeout and response latency, and historical data of website access.
- Supports custom sessions to defend against CC attacks at the session level, realizing more accurate protection against CC attacks and less false positives.
- Allows you to view IP addresses that are blocked due to CC protection in real time to quickly adjust protection policies as needed.
- Supports quick access to 100 GB of Anti-DDoS capability to defend against traffic-intensive DDoS attacks, helping you easily cope with sudden attacks.
IPv6 Security Protection
Works with Tencent Cloud CLB to seamlessly process IPv4 and IPv6 access traffic with the same security protection capabilities.