Application Protection

Application Protection is suited for small to mid-sized businesses when the digital assets you need shielding sit behind a few hostnames or IP addresses. Your assets are assigned IP addresses that receives all incoming traffic, normal and attack. Nexusguard security platform then inspects all traffic received and separate out the abnormal requests and mitigate them so your digital assets are protected and your businesses run smoothly. This may sound simple but that’s because Nexusguard makes it work. Let’s take a look at the things Application Protection can do.

• NetShield focuses on the network and transport layer of the OSI model, which means it deals mainly with TCP/IP traffic, but also include other layer 3 and 4 protocols such as ICMP. It uses detection and mitigation methods to filter traffic and police bandwidth usage.
• AppShield handles application layer traffic, such as HTTP/S request and responses. The trend of DDoS attacks is that more and more attacks are based on application layer protocols because of the proliferation of web-based services. AppShield uses various methods such as blacklist/whitelist, HTTP header filter, and request authentication to mitigate attack traffic.
• SSL Cipher deals specifically with the cipher suites. Encrypted internet traffic is fast becoming the de facto way to communicate data. Last year, over half of the web traffic is encrypted, and that is why Nexusguard has a separate module that defines the algorithms the platform accepts.
• Cache saves often-requested and large-size files and delivers them to users from our globally distributed datacenter instead of the original servers, thereby improving your performance, saving your bandwidth, and protecting your business.
• WAF, or web application firewall, is an increasingly important part of any cybersecurity platform. Here at Nexusguard we combine the industry standard OWASP Top 10 with our own protection rules to provide a safe environment for your web-based services. Businesses and enterprises can also bring their own custom rules which we can deploy to all data centers around the globe with the click of a few buttons.
• Load Balance intelligently distributes your traffic load to different nodes around the globe according to the location and network operator of the user, so that no one node is bogged down with overwhelming demand and your users get a better experience.
• SNAT, or Source Network Address Translation, ensures that all requests from each session use the same internal IP to access resources. This is used as a security measure to ensure that only the original user receive requested resources.