Get the best DDoS protection, web firewall, and bot management solutions with Citrix Web App and API Protection

Get robust security with a proven web app firewall

Web applications and APIs are some of your most valuable—and vulnerable—assets. They’re a top target for bad actors who want to take them offline, plant malware, and steal sensitive data.

Get comprehensive protection for your applications

The Citrix web app firewall solution incorporates a rich set of signatures to quickly detect attacks against known application L7 and HTTP vulnerabilities. It also uses a positive security model to mitigate unknown and zero-day attacks by catching malformed or non-compliant traffic. You can add basic protections with a single click or, for superior protection, customize rules and signatures for each specific application.

Stay ahead of the latest OWASP Top 10 vulnerabilities

When it comes to guidelines for addressing critical application security risks, the OWASP top 10 is a must for every business. With the Citrix web app firewall solution, this list is easy to address. Citrix protects your applications from all big-risk attack categories highlighted as the most critical by the OWASP Top 10.

Reduce false positives with learning mode

When used in learning mode, the web app firewall continuously observes application traffic and automatically offers recommendations on which relaxation rules or exceptions should be applied (if any). This helps mitigate false positives and the investigations they can create.

Use the same functionality everywhere

The centralized nature of Citrix Web App and API Protection ensures your applications stay secure no matter what architecture they use or where they’re deployed, so they all benefit from consistent policies. You can block or rate limit requests based on IP address or geolocation, and proxy all traffic via the web application firewall for better control.

Stop DDoS attacks in their tracks

Distributed denial-of-service (DDoS) attacks pose a huge security risk for every business, and the impacts can be devastating. They can cut off your sources of revenue, damage your reputation, and increase liabilities.

Keep apps online with comprehensive cloud DDoS protection

Citrix defends against all three types of DDoS attacks—volumetric, protocol, and application layer—for comprehensive protection against even highly sophisticated multi-vector attacks.

Protect at scale without impacting performance

Citrix boasts 14 globally distributed points of presence (PoPs) so there’s always a convenient scrubbing center to minimize additional latency. Each has multiple high-speed connections to service providers to ensure your applications continue to perform as they should.

Rest easy with extensive capacity

With a combined scrubbing capacity of 12 terabits per second, you don't have to worry as Citrix can protect against even the largest DDoS attacks. You're charged based on clean traffic to your apps, and not the size of a DDoS attacks.

Choose from always-on or on-demand

You can continuously route traffic to scrubbing centers with always-on protection for critical apps. Or, if you need to keep costs low, choose on-demand protection to divert traffic only once a DDoS attack has been launched. You can also choose to redirect your entire network traffic load or on an application-by-application basis.

Scale with ease

Increase capacity at any time with a simple license upgrade. When you have questions, Citrix experts are available to help 24/7/365.

Bot management solutions: protect against bad bots

Bot attacks are becoming more prevalent and pervasive than ever. Left undetected, bad bots can steal sensitive data, take sites offline, damage your reputation, and more.

Quickly distinguish bad bots from good bots

Citrix bot management can be enabled in less than 2 minutes to start filtering simple bots with permit and deny lists. With an up-to-date collection of thousands of bot signatures, as well as a dynamic IP address database that’s updated every 5 minutes, you can easily deny bad bots while allowing and regulating traffic from good ones—like search engine crawlers that benefit your business.

Collect data to detect more complex bots

For more complex bots, Citrix uses device fingerprinting to collect a wide variety of data points (such as screen resolution and browser plugins) and to look for anomalies.

Take action to protect apps from abuse

As bots are detected, Citrix lets you take swift action to block or redirect traffic, log activity, limit the rate of requests, and challenge with a CAPTCHA. This ensures your most valuable applications and APIs are continually protected from automated threats.