11.2.5 Thinfinity Workspace WAF

Overview

A WAF (Web Application Firewall) is a component whose main function is to analyze HTTP traffic, both incoming and outgoing, to protect a web server from potential external attacks. The Thinfinity® Workspace WAF is a specific implementation of a WAF within Thinfinity® Workspace, based on the OWASP Core Rule Set and the ModSecurity library. ModSecurity is an engine that processes incoming and outgoing traffic and applies the rules of the OWASP Core Rule Set (CRS) to identify whether the traffic represents an attack; it is configured through rules.

The firewall is positioned in front of the Thinfinity Workspace Gateway, between it and the web browser, and operates as a reverse proxy. This means that all user requests are received by the WAF before they can reach the internal infrastructure.

WAF Benefits

Thinfinity Workspace WAF offers several key benefits for web application security:

  • Defense against attacks: It acts as an essential barrier against known attacks such as SQL injection and cross-site scripting (XSS), among others.

  • Traffic filtering and control: It allows filtering and controlling HTTP/HTTPS traffic reaching web applications, ensuring that only legitimate requests access internal resources.

  • Strategic positioning: By being placed in front of the Thinfinity Workspace Gateway as a reverse proxy, the WAF receives all user requests before they reach the internal infrastructure, which increases protection.

  • Reduction of attack surface: Without a Thinfinity WAF, the Gateway is directly exposed to the Internet, which increases the attack surface and makes it difficult to mitigate attacks without an intermediate layer of protection.
