On this page

This page shows you where to get the binaries for the .Net ASP-WAF Firewall so you can install and integrate the firewall into an existing application in only a few minutes.

Get the binaries

We publish the X64 binaries to www.nuget.org/profiles/ASP-WAF and can be accessed on-line from the NuGet feed. We have made the binaries available for download for those that are using a private NuGet repository or are working behind a firewall.

If you need a X86 compiled version or need to support another platform then please contact support by email and we will provide you with the packages for your specific platform and framework version.

Integrating the firewall

We will assume that you integrated your binaries from the framework using NuGet. Here are the packages we think you need to pay attention to so you can get the features you need.

Package Name Description Separate
download
Firewall Walter.Web.Firewall.Core.3.x

The web application firewall for .Net Standard 2.1 as well as .Net Core 3.0 and 3.1.

This NuGet package is the basis for securing your open HTTP and HTTPS port by validating that the user connecting doesn't have malicious intentions.

The firewall monitors that the user does not inject malicious code, steels data, or uses exploits to alters files on disk or access other servers on the network

The framework provides you with a software based firewall allowing to block specific users on a given IP as well as allowing you to interact with the physical firewall and block or unblock a remote machine

Yes

Included Data Sources

Data sources used by the firewall to infer scope and accuracy as well as plausibility tests when evaluating requests
Subscription ASP-WAF Data subscription

Data subscription includes proprietary firewall data that is periodically updated and is used by the firewall to understand it is communicating with known malicious users (bot's or natural individuals) and act accordingly.

This data is included and controlled by the license subscription of the firewall.

No
LookWhosTalking Walter.Net.LookWhosTalking

Provide insight into the communication between the server hosting the website and the outside world.

The firewall monitors communication for irrational or known malicious interaction. This package is also used by the LookWhoisTaling framework that can be used to monitor network dependencies.

No
Networking Walter.Net.Networking

Utility package allowing to detect network-related activity and performs tasks like translating an IP address to the ISP owning the IP address the so called WhoIs queries.

The package also provides the ability to detect LAN WAN or Machine internal communications and performs fast DNS lookups, reverse DNS, tracert and nslookup methods as well as reverse proxy addresses to detect search engines.

No

Optional Data Sources

Data sources used by the firewall to add additional functionality in regards to protection and reporting
Native GEO Walter.Web.FireWall.Geo.Native

Provide the ability for the firewall to become Geographically aware and uses the servers DNS to extract the location of the ISP and returns country-level location data.

With country-level data, you have the ability to control requests and decide to allow access, or to redirect the request to another location. You have the ability to show or hide content on razor pages using the tag helpers or by injecting a Walter.Web.FireWall.IPageRequest into your razor view.

This plug-in does not use 3rd party services or subscriptions.

Yes
MaxMind Walter.Web.FireWall.Geo.MaxMind

Adding this NuGet package enables the firewall to become Geographically aware and uses the MaxMind framework to extract the location of the IP Address returns City and Country-level location data.

With country-level data, you have the ability to control requests and decide to allow access, or to redirect the request to another location. You have the ability to show or hide content on razor pages using the tag helpers or by injecting a Walter.Web.FireWall.IPageRequest into your razor view.

This plug-in allows for the use of MaxMind’s paid subscription API as well as the free GeoLight2 data files to be integrated in the firewall for precision geographical decision trees.

Yes

Reporting Add-Ons

Items used to extend the reporting and or allow for additional functionality
Walter.Web.FireWall.EventLog

Provides the ability for the firewall to periodically write suspicious activity to the Windows event log.

This package does not make sense for everyone as you need to have access to the servers EventLog to be able to read from it.

You can configure the package to write on another servers EventLog (permitting network access and permission) but limiting factor is that you need to host on a windows server to be able to use this package.

Yes
SMTPLogger Walter.Web.FireWall.SMTPLogger

This package allows the firewall to periodically write suspicious activity to a set of email addresses where each email address has a set of roles and the role determines if what data you receive.

This reporting service bundles incidents and suspicious activity for a given period to send an email to the account. Each email account has the ability to specify it's own preferences like type of content and frequency and the mail service sends the mail using a default template or a razor view that will be rendered using the SMTP model.

The Emails send can be archived for a given timespan on disk or database for legal compliance reasons. All emails are secured using transparent GDPR compliant encryption specific to the domain's license and email address.

The package comes with a retrieval API allowing you to interact with archived emails.

Yes
Sql Server Walter.Web.FireWall.SqlLogger

This package provides the ability for the firewall to periodically write all activity to SQL Server.

The database consists of a landing zone (ETL schema) and a persistent data zone allowing you to alter the final database design on how you would like to store the data.

This option is ideal allowing you define reporting systems that understand the behaviour of the users.

The firewall records interactions like visits, visit duration, page interaction like screen, mouse and keyboard interactions as well as navigation paths shown and navigation chosen. It is up to you to how you wish to stores the interaction and transformation with pages and web services.

This stored data is suitable for security audits, reporting as well as web statistics and campaign management.

Yes

You can download all binaries here if you use a private NuGet repository. For the most users that isn't necessary and using nuget.org feed will be preferred. So follow these 4 steps:

  1. Open NuGet and enter Walter.Web.FireWall in the search field to see all NuGet Packages NuGet Package Manager * The version of the NuGet packages will change over time as well as the possible plug-in's being offered. This image is a reference only may differ with what you see.
  2. Select the Walter.Web.FireWall.Core.3.x NuGet package and press install. Carefully read the license agreement and press accept to complete the process.
  3. Select and install any additional NuGet Packages that you intend to use. If you select MaxMind then you do not need to include that NuGet package as the NuGet dependency checker will automatically down load the correct version for you.
    * This step is optional and can be done later at any time
  4. Make sure you have the License ready for the FireWall needed in the services configuration of your project. If you do not have a license you have 3 options:
    1. Use the FireWallTrial.Token and FireWallTrial.Key of the FireWallTrial class
    2. Register a community license here. The community license is free but does not have all the features op a paid license.
    3. Register for a payed version here and get started with all the benefits of a commercial license. Commercial license assume that you're integrating on behalf of a corporation and payments are via bank transfer due within 60 days allowing for sufficient time to test the product. If payment was not received after 60 days the firewall will default to the free community edition and the order will be canceled.

      If, until now, you did not get a free community license, then please enter your details below and we can generate one for you now and we will use the domain and license in the samples in the rest of the documentation.

      The full url of the domain, the HTTPS and HTTP protocol share the same license.
      If you enter your email we will send you an email with the license key and the getting started manual, we do not store the mail address.
« Previous: The Framework Chapter 1 Introduction & Installation Next: Service Configuration »