When deployed as Web Application Firewall (or WAF), the Indigo solution monitors HTTP traffic to and from web applications. It can filter the content of specific web applications by inspecting HTTP traffic to prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations.
As an additional benefit for communication services network operators, ISPs and their customers, the Indigo WAF also provides a state-of-the-art anti-DDoS capability. This not only helps to prevent a DDoS attack from causing outages on the main service network but also on customer’s hosted services.
While traditional WAFs inspect only certain parameters, with the Indigo scripting engine, it is possible to decode and inspect payload contents easily with help of third-party Lua libraries. The Indigo WAF also uses rules from Trustwave SpiderLabs to improve accuracy. These rules lead to fewer false positives since they only inspect certain types of data, providing the customer with an increased confidence in blocking traffic. Additionally, when combined with the DPI engine, the Indigo WAF configuration can also detect today’s highly sophisticated application layer attacks. These include advanced persistent threats (APTs), which are typically obfuscated in HTTP requests and evade traditional detection methods.