Due to the nature of our product some countries may not be elidgable for our services at we some products will ge bovened by regulation (eu) 2019/496 of the european parliament and of the council of 25 March 2019 restricting the distribution of Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS).

We use cookies on this site to enable features like search, shopping, membership and submitting support tickets. All cookies are encrypted and contain no private data that can be used by 3rd parties.
More information about how we use cookies can be found here

The FireWall Solution
Web Application Firewall for .Net

Why use a ASP-WAF firewall

ASP-WAF firewalls is a Intrusion Detection Systems (IDS) as well as an Intrusion Prevention Systems (IPS) and has the best value propositions amongst any of the solutions on the market. The problem with all other firewall solutions is that they open port 80 or 443 and allows all traffic on the network to your application. The ASP-WAF firewall solution goes further than that, we look at the connections to your web application and deal with malicious or unwanted activity at an application level.

287 days before a breach is detected

According to IBM, it takes companies 287 days to detect that they have been hacked and that the the average cost of a ransome breach was $4.2m, our IDS/IPS framework will help you do better at a fraction of the cost.

Community Edition

You are able to use the firewall in rapport only mode for free, for as long as you like. This allows you to get to know our product and get a feel for the exposure your domain is having as well as what types of exploits are being tried, register and get started today.

Most users are amazed as to the percentage of visits are actually by bot's and hackers and not the targeted audiences and find-out that they have to dramatically have to adjust their marketing effectiveness metrics.

Paid licensing options

We offer 5 licensing subscription levels, below you will find a list of functionalities in each of the versions. Please note that all paid versions come with a 30 day trial period, after the trial payment will be accepted by purchase order & Invoice. We do not offer credit card payments at this time.

For Volume license as well as Datacenter solution please contact Sales@asp-waf.com

  • Firewall - Base

    EUR 180.00 per year

    Basic FireWall for ASP .Net core 3.0, 3.1 and .Net Standard 2.1 (64 bit)

    • 1 Domain
    • Installation support
    • Single domain
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled

    Try now Register a license

  • Firewall - Small Business

    EUR 780.00 per year

    FireWall for commercial web application written in ASP .Net core 3.0, 3.1 and .Net Standard 2.1 (64 bit)

    • Up to 8 public domains
    • Up to 8 non-public test domains
    • Installation support
    • Single domain
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled
    • Get started support package
    • GDPR Compliance for .Net
    • Email alerts
    • Load balanced
    • Suspicious activities reporting
    • Data subscription
    • Physical firewall integration

  • Firewall - Enterprise

    EUR 8,740.00 per year

    FireWall for commercial web application on dedicated servers written in ASP .Net core 3.0, 3.1 or .Net Standard 2.1 (64 bit)

    • licensed per server unlimited domains
    • Installation support
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled
    • GDPR Compliance for .Net
    • Email alerts
    • Load balanced
    • Suspicious activities reporting
    • Data subscription
    • Corporate support package
    • Multi-domain
    • Physical firewall integration
    • High availability cluster
    • Multi-Tenant

Getting started

You can download and get started right now using the NuGet package Walter.Web.Firewall there are 2 options, you use a community edition using a community license or a payed version. We have some getting started samples on GitHub as well as download the documentation here We encourage registration of community editions however we do not require it.

You can register any version and pay per bank transfer within 60 days. If you change your mind and do not wish to continue with our product simply not pay the invoice and after 60 days we reserve the right to downgrade the license to a registered community edition (free) and cancel the invoice.

Registering also has the benefit of generating the code for you to enable the firewall in your project

We offer installation support for registered users (free and paid) and have generated a getting started manual for you to be able to download. We offer the following off-line documentation in the form of a Getting Started Manual as well as an compiled help file. You can access our on-line help via https://firewallapi.asp-waf.com

Major features

The firewalls by themselves already quite powerful, however, the functionality of the of the firewalls and the ways you can integrate them into your project makes them truly valuable assets as you can control the level, as well as the way you wish to protect yourself.

Included below a few of the major use cases that the firewall enables you to implement

  • Fine tuned request blocking

    Being able to control what features are available based on the geographical location or of the requests origin allows you to block site access, pages access or regions in pages. But that's not all, you can also block ISP's search engines.

    this enables you to:

    • Implement GEO Blocking

      Allows for blacklisting and white listing of geographical regions.

    • Implement ISP/Data center Blocking

      Hide content depending on the provider (as bots live in the cloud users do not).

    • Automated IP Blocking

      When requests are identified by the rule engine as Suspicious or Malicious then the firewall will act accordingly. You can manually override such flags as Safe for a duration, or for ever.

    • User Blocking

      When an IP is used by several users and when requests of a specific device are identified by the rule engine as Suspicious or Malicious then the firewall will act accordingly and block a device from a given IP. You can manually override such flags as Safe for a duration, or for ever.

    • Use our tag-level blocking

      Content clocking can be implemented on almost all HTML tags, the major ones like <script>, <css> , <div>, <a> are all included.

      Blocking is possible on region as well as user type (Search engine, Bot, Human,...)

  • Penetration attacks

    We can detect penetration attacks at a very early stage as we do not only monitor requests but we also employ honey pot strategies.

    You can further defend your system by not using default routs making it easy for us to spot the villain.

    this enables you to:

    • Probing attacks

      Actively identify and block those that are probing the systems for weaknesses

    • Vulnerabilities defender

      Patch known security holes with our free rule engine subscription

    • Cross site scripting

      Stops all known vulnerabilities know as CORS exploits

    • SSL attacks

      Plugs holes known SSL attacks to-date

    • Man-in-the-middle & Sniffing

      Encrypt inter-server data communications and we provide a Javascript that enables encryption between the client to server communication. Even in a TLS environment like VPN and SSL tunnels there are quite a few bad actors out there and the Internet is not getting friendlier.

      In our solution we use a "per request" public private key pair to communicate between server and client to protect data and detect tampering & spoofing.

  • Rule engine

    We will send rule engine updates to your firewall whenever your firewall starts as well as at regular intervals thereafter. This way you are always patched and you do not have to update and re-deploy the firewall to get up-to-date security.

    this enables you to:

    • Good coverage of possible exploits

      We use machine learning to understand good and bad traffic and are able to detection:

      • Web Scrubbing
      • Replay attacks
      • Session hijacking
      • HMAC password reset link
      • Replay attacks
      • Cookie attacks
      • Over-under filling for data
      • SQL Injection
      • Script injection
      • and so much more

    • Search engine

      Detect real and fake search engines and allow or disallow access to:

      • Whole pages
      • Elements on a page by not rendering tags like hyper-links
      • Control access to sitemap.xml and robots.txt to only preferred search engines

    • Web Scrubbers

      We can identify them and block them or feed them false information at the page, or HTML tag level.

Additional features

  • Work-flows

    • Notification rules

      Define when and how often you would like to receive an malicious activity report via email

    • Automated reporting to ISP of abusing IP

      Contacting the owner of a given IP address and file a abuse report along with the detailed malicious activity report for a given IP address.

      Depending on the license level you are able to follow up with on the reported ticked with a incident ticket

    • Site Recovery

      When alteration of content is discovered the site can:

      1. Receive a notification of what was altered and by whom.
      2. Shut-Down and notify you so you can republish the site.
      3. Roll-back the changes to the state in memory, and notify you.

    • Dynamic Encryption

      Protect sensitive data on the server by encrypting and decrypting:

      1. Cipher data based on Public & private key-rings
      2. Cypher data using row level encryption
      3. Cipher using several algorithms
      4. Tamper detection
      5. Cipher cookie and header values

  • Configurable

    • Fake technology stack

      Hide the version of IIS Server and framework that you are using by masking a another server or technology stack.

    • Cookie & Header names

      Make life miserable for those that like to penetrate your site by change your cookie and website header names for the whole site, a single IP, or a single User. This makes scripting attacks that much harder and use our helpers to transform the users to the new names never loosing your sites functionality.

    • Block sensitive data

      Deny access to data based on rules like storage, location, storage method, user type and geographical location

    • Full API

      Why adapt your application to the firewall when you can adapt the firewall to your requirements. You have access to the interfaces and classes and you can create your own extensions. You can access the documentation online or download the compiled help file (.chm) from here for of-line viewing.

      On support.asp-waf.com you will also find getting started information in the form of sample projects and code snippets

    • Look who's Talking

      Depending on your license look and see who is talking with your server as well as with whom is your server talking. Depending on the license and configuration you are able to use firewall the integration modules to block suspicious incomings and outgoing communications.

      The firewall can be used to "white-list" incoming and outgoing communications and you will be able to be able to early detect penetrations to the physical server and document the communications as well as prevent damage before it is too late.

      Look who's talking is available as an integrated service in the firewall as well as a standalone micro server that you can use on your server'