The Next Generation WAF engine, integrated with Sangfor's NGAF, was developed to protect against advanced web-based attacks like SQL injection, web shells, struts2 injection and deserialization flaws. Sangfor's Application Layer Firewall uses machine and deep learning to analyse attack behaviours, enhancing detection rates and decreasing false positives common with traditional SNORT-based detection engines. By modelling attack behaviour, a threat model is created to easily manage applications' system threats.
WAF products are an increasingly powerful tool against application-layer attacks and are still the standard for many companies dealing with complicated and changing application-layer attacks. As the means of attack increase, corporate applications are becoming more and more complex, resulting in traditional WAF finding it harder to provide corporate applications with comprehensive protection. Many companies are disappointed with the accuracy and ability of WAF threat identification and defence supplied by other Web Application Firewall Vendors. Analysis of the working principles of existing WAF products makes it easy to determine that the root cause of this unsatisfactory result is the inefficiency of rule detection engines and regular expression matching methods adopted by traditional WAF products. Processing performance and methods of attack detection and interception are inadequate when facing complicated and varied Web application attacks.