We use cookies on this site to enable features like search, shopping, membership and submitting support tickets. All cookies are encrypted and contain no private data that can be used by 3rd parties.
More information about how we use cookies can be found here

The FireWall solution
Web Application Firewall for .Net

Why use a ASP-WAF firewall

ASP-WAF firewalls have the best value propositions amongst any of the solutions on the market. The current standard of firewall solutions opens port 80 or 443 and allows virtually all traffic on the network our firewall solution goes further than that. We look at the connections to your web application and deal with malicious or unwanted activity at an application level.

Community Edition

You are able to use the firewall in rapport only mode for free, for as long as you like. This allows you to get to know our product and get a feel for the exposure your domain is having as well as what types of exploits are being tried.

Most users are amazed as to the percentage of visits are actually by bot's and hackers and not the targeted audiences and find-out that they have to dramatically have to adjust their marketing effectiveness metrics.

Paid licensing options

We offer 3 licensing subscription levels, below you will find a list of functionalities in each of the versions. Please note that all paid versions come with a 30 day trail period, after the trail payment will be accepted by purchase order & Invoice. We do not offer credit card payments at this time.

  • Firewall - Base

    EUR 180.00 per Domain

    Basic FireWall for ASP .Net core 3.0, 3.1 and .Net Standard 2.1 (64 bit)

    • Installation support
    • Single domain
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled

    Try now Register a license

  • Firewall - Small Business

    EUR 780.00 per Domain

    FireWall for commercial web application written in ASP .Net core 3.0, 3.1 and .Net Standard 2.1 (64 bit)

    • Installation support
    • Single domain
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled
    • Get started support package
    • GDPR Compliance for .Net
    • Email alerts
    • Load balanced
    • Suspicious activities reporting
    • Data subscription
    • Physical firewall integration
  • Firewall - Enterprise

    EUR 8,740.00 per Server

    FireWall for commercial web application on dedicated servers written in ASP .Net core 3.0, 3.1 or .Net Standard 2.1 (64 bit)

    • Installation support
    • HTML Minifier for MVC .Net
    • Denial-of-service
    • Hacker protection
    • Infection protection
    • Geo-blocking
    • Cloud enabled
    • GDPR Compliance for .Net
    • Email alerts
    • Load balanced
    • Suspicious activities reporting
    • Data subscription
    • Corporate support package
    • Multi-domain
    • Physical firewall integration
    • High availability cluster
    • Multi-Tenant

Major features

The firewalls by themselves already quite powerful, however, the functionality of the of the firewalls and the ways you can integrate them into your project makes them truly valuable assets as you can control the level, as well as the way you wish to protect yourself.

Included below a few of the major use cases that the firewall enables you to implement

  • Fine tuned request blocking

    Being able to control what features are available based on the geographical location or of the requests origin allows you to block site access, pages access or regions in pages. But that's not all, you can also block ISP's search engines.

    this enables you to:
    • Implement GEO Blocking

      Allows for blacklisting and white listing of geographical regions.

    • Implement ISP/Data center Blocking

      Hide content depending on the provider (as bots live in the cloud users do not).

    • Automated IP Blocking

      When requests are identified by the rule engine as Suspicious or Malicious then the firewall will act accordingly. You can manually override such flags as Safe for a duration, or for ever.

    • User Blocking

      When an IP is used by several users and when requests of a specific device are identified by the rule engine as Suspicious or Malicious then the firewall will act accordingly and block a device from a given IP. You can manually override such flags as Safe for a duration, or for ever.

    • Use our tag-level blocking

      Content clocking can be implemented on almost all HTML tags, the major ones like <script>, <css> , <div>, <a> are all included.

      Blocking is possible on region as well as user type (Search engine, Bot, Human,...)

  • Penetration attacks

    We can detect penetration attacks at a very early stage as we do not only monitor requests but we also employ honey pot strategies.

    You can further defend your system by not using default routs making it easy for us to spot the villain.

    this enables you to:
    • Probing attacks

      Actively identify and block those that are probing the systems for weaknesses

    • Vulnerabilities defender

      Patch known security holes with our free rule engine subscription

    • Cross site scripting

      Stops all known vulnerabilities know as CORS exploits

    • SSL attacks

      Plugs holes known SSL attacks to-date

    • Man-in-the-middle & Sniffing

      Encrypt inter-server data communications and we provide a Javascript that enables encryption between the client to server communication. Even in a TLS environment like VPN and SSL tunnels there are quite a few bad actors out there and the Internet is not getting friendlier.

      In our solution we use a "per request" public private key pair to communicate between server and client to protect data and detect tampering & spoofing.

  • Rule engine

    We will send rule engine updates to your firewall whenever your firewall starts as well as at regular intervals thereafter. This way you are always patched and you do not have to update and re-deploy the firewall to get up-to-date security.

    this enables you to:
    • Good coverage of possible exploits

      We use machine learning to understand good and bad traffic and are able to detection:

      • Web Scrubbing
      • Replay attacks
      • Session hijacking
      • HMAC password reset link
      • Replay attacks
      • Cookie attacks
      • Over-under filling for data
      • SQL Injection
      • Script injection
      • and so much more

    • Search engine

      Detect real and fake search engines and allow or disallow access to:

      • Whole pages
      • Elements on a page by not rendering tags like hyper-links
      • Control access to sitemap.xml and robots.txt to only preferred search engines

    • Web Scrubbers

      We can identify them and block them or feed them false information at the page, or HTML tag level.

Additional features

  • Work-flows

    • Notification rules

      Define when and how often you would like to receive an malicious activity report via email

    • Automated reporting to ISP of abusing IP

      Contacting the owner of a given IP address and file a abuse report along with the detailed malicious activity report for a given IP address.

      Depending on the license level you are able to follow up with on the reported ticked with a incident ticket

    • Site Recovery

      When alteration of content is discovered the site can:

      1. Receive a notification of what was altered and by whom.
      2. Shut-Down and notify you so you can republish the site.
      3. Roll-back the changes to the state in memory, and notify you.

    • Dynamic Encryption

      Protect sensitive data on the server by encrypting and decrypting:

      1. Cipher data based on key-rings
      2. Cypher data using row level encryption
      3. Cipher using several algorithms
      4. Tamper detection
      5. Cipher cookie and header values
      6. Public/ private key certificate encryption
      Perhaps one of the most important features is that you no-longer have to store user names and passwords in clear text on disk as you can protect sensitive data like connection strings in Json files by storing items as encrypted text and decrypt them in the application. Have a look at our QuickCypher add-on for easy cipher integration in visual studio.

  • Configurable

    • Fake technology stack

      Hide the version of IIS Server and framework that you are using by masking a another server or technology stack.

    • Cookie & Header names

      Make life miserable for those that like to penetrate your site by change your cookie and website header names for the whole site, a single IP, or a single User. This makes scripting attacks that much harder and use our helpers to transform the users to the new names never loosing your sites functionality.

    • Block sensitive data

      Deny access to data based on rules like storage, location, storage method, user type and geographical location

    • Full API

      Why adapt your application to the firewall when you can adapt the firewall to your requirements. You have access to the interfaces and classes and you can create your own extensions. You can access the documentation online or download the compiled help file (.chm) from here for of-line viewing.

      On support.asp-waf.com you will also find getting started information in the form of sample projects and code snippets

    • Look who's Talking

      Depending on your license look and see who is talking with your server as well as with whom is your server talking. Depending on the license and configuration you are able to use firewall the integration modules to block suspicious incomings and outgoing communications.

      The firewall can be used to "white-list" incoming and outgoing communications and you will be able to be able to early detect penetrations to the physical server and document the communications as well as prevent damage before it is too late.

      Look who's talking is available as an integrated service in the firewall as well as a standalone micro server that you can use on your server'

      You can have a look at the Look who's talking - Dashboard here.