PER USE CASE
Easily consolidate DDoS protection, web app firewall, and bot management in one comprehensive security solution—for all your applications, wherever they're deployed.
Web applications and APIs are some of your most valuable—and vulnerable—assets. They’re a top target for bad actors who want to take them offline, plant malware, and steal sensitive data.
The Citrix web app firewall solution incorporates a rich set of signatures to quickly detect attacks against known application L7 and HTTP vulnerabilities. It also uses a positive security model to mitigate unknown and zero-day attacks by catching malformed or non-compliant traffic. You can add basic protections with a single click or, for superior protection, customize rules and signatures for each specific application.
When it comes to guidelines for addressing critical application security risks, the OWASP top 10 is a must for every business. With the Citrix web app firewall solution, this list is easy to address. Citrix protects your applications from all big-risk attack categories highlighted as the most critical by the OWASP Top 10.
When used in learning mode, the web app firewall continuously observes application traffic and automatically offers recommendations on which relaxation rules or exceptions should be applied (if any). This helps mitigate false positives and the investigations they can create.
The centralized nature of Citrix Web App and API Protection ensures your applications stay secure no matter what architecture they use or where they’re deployed, so they all benefit from consistent policies. You can block or rate limit requests based on IP address or geolocation, and proxy all traffic via the web application firewall for better control.
Distributed denial-of-service (DDoS) attacks pose a huge security risk for every business, and the impacts can be devastating. They can cut off your sources of revenue, damage your reputation, and increase liabilities.
Citrix defends against all three types of DDoS attacks—volumetric, protocol, and application layer—for comprehensive protection against even highly sophisticated multi-vector attacks.
Citrix boasts 14 globally distributed points of presence (PoPs) so there’s always a convenient scrubbing center to minimize additional latency. Each has multiple high-speed connections to service providers to ensure your applications continue to perform as they should.
With a combined scrubbing capacity of 12 terabits per second, you don't have to worry as Citrix can protect against even the largest DDoS attacks. You're charged based on clean traffic to your apps, and not the size of a DDoS attacks.
You can continuously route traffic to scrubbing centers with always-on protection for critical apps. Or, if you need to keep costs low, choose on-demand protection to divert traffic only once a DDoS attack has been launched. You can also choose to redirect your entire network traffic load or on an application-by-application basis.
Increase capacity at any time with a simple license upgrade. When you have questions, Citrix experts are available to help 24/7/365.
Bot attacks are becoming more prevalent and pervasive than ever. Left undetected, bad bots can steal sensitive data, take sites offline, damage your reputation, and more.
Citrix bot management can be enabled in less than 2 minutes to start filtering simple bots with permit and deny lists. With an up-to-date collection of thousands of bot signatures, as well as a dynamic IP address database that’s updated every 5 minutes, you can easily deny bad bots while allowing and regulating traffic from good ones—like search engine crawlers that benefit your business.
For more complex bots, Citrix uses device fingerprinting to collect a wide variety of data points (such as screen resolution and browser plugins) and to look for anomalies.
As bots are detected, Citrix lets you take swift action to block or redirect traffic, log activity, limit the rate of requests, and challenge with a CAPTCHA. This ensures your most valuable applications and APIs are continually protected from automated threats.