Introduction to Link11 WAAP
Product overview, architecture, and how it works
Last updated
Was this helpful?
Product overview, architecture, and how it works
Last updated
Was this helpful?
Link11 offers an all-in-one WAAP platform. It includes a next-gen Web Application Firewall (WAF), autoscaling Denial of Service (DoS)/Distributed Denial of Service (DDoS) protection, advanced bot management, real-time traffic monitoring & control, full historical logs & analytics, and more.
Link11 WAAP runs on the customer’s clouds of choice, whether the Link11 Network and Web Security solution, or any of the top-tier public cloud providers (AWS, Azure, and GCP). It protects web applications, services and microservices, and API endpoints.
L11WAAP deploys as a reverse proxy, continually analyzing incoming traffic. Benign traffic is passed through to the customer's origin, while hostile traffic is blocked and denied access.
The platform's overall architecture is as follows:
L11WAAP deploys and runs in the customer's choice of clouds, whether private (Link11) or public (AWS, GCP, or Azure).
All incoming traffic is routed through L11WAAP and scrubbed as it passes through. Latency is negligible (generally 1.5 milliseconds or less).
Hostile traffic is blocked before it reaches the protected network. Legitimate traffic has normal access to the requested resources.
Attackers cannot reach, or even find, the targeted web platform.
Bandwidth, compute, and other resources scale automatically as needed.
Remote management ensures minimal obligations (of time or expertise) from onsite staff.
L11WAAP supports various methods of authentication such as Basic, Digest, and Kerberos. (Note that NTLM cannot work with reverse proxies, and thus L11WAAP does not support NTLM sites/applications.)
L11WAAP is integrated with, and runs natively on, multiple cloud platforms. It leverages the advantages of each. Examples:
When L11WAAP runs on Link11, customers can use Secure CDN, Link11 load balancing, Infrastructure DDoS for offloading Layer 3 protection, and more.
On GCP, L11WAAP can act as the 'threat detection engine' for Cloud Armor, automating and extending its capabilities, and blocking attacks at the edges.
On Azure, L11WAAP integrates with Azure Security Center to fit smoothly into existing customer workflows.
On AWS, L11WAAP integrates with AWS WAF and Shield, adding granularity, control, and many other additional capabilities to AWS's native security features.