Release-Note_WAF-6-4_1440x810.jpg

RELEASE NOTES: R&S®Web Application Firewall 6.4

Last time, we announced the new R&S®Web Application Firewall ‘s management API with a REST/JSON programming interface, allowing automation and scripting of WAF administration tasks, such as management of reverse proxies and tunnels. A must for your DevSecOps strategies. Today, we are glad to announce the release of R&S®Web Application Firewall 6.4 with these extra features:

• Active-Active High Availability mode: A new Active-Active mode is available in the High Availability panel of R&S®Web Application Firewall 6.4. This mode allows all members of the High Availability (HA) cluster to handle requests at the same time by setting up a master that will redirect traffic to slave members or itself. Each node will then process the requests locally and send responses directly to clients.

• Pooling mode New advanced security engines: The pooling mode also known as diode mode is a new configuration available for tunnels. In this mode, the traffic is not forwarded to the backend, but is kept locally by a tunnel called “pooler” to be fetched regularly by a second tunnel called “poller” that will send the requests to the backend server.

• New JSON manipulation nodes: This release introduces 3 new workflow nodes to manipulate JSON document using JSON pointer syntax. The JSON Attribute GET node allows extraction of JSON attributes to store them in new workflow attributes. The JSON Attribute SET node allows creation of JSON attributes. The JSON Attribute UNSET node allows deletion of data from JSON documents stored in workflow attributes.

• New JWT manipulation nodes: This release introduces 2 new workflow nodes to create and check JSON Web Token. JWT Generate to generate a JSON Web Token (JWT) that can then be used by workflow. A JWT is composed by 2 or 3 parts depends on if it is signed or not. JWT Parsing to split a JSON Web Token (JWT) into a JSON header and a JSON payload, and verifies signature. A JWT is composed by 2 or 3 parts depends on if it is signed or not. The JSON Attribute SET node allows creation of JSON attributes. The JSON Attribute UNSET node allows deletion of data from JSON documents stored in workflow attributes.

• HSM Safenet Luna support: The version 6.4 of R&S®Web Application Firewall allows delegation of cryptographic operations to HSM (Hardware Security Module) cards. The Safenet Luna Viper PCI-e card is the only supported card in this version.

• ICX Engine node with events: In the version 6.4 of R&S®Web Application Firewall, the security logs related to ICX blockings are now generated with the same format that the security logs of all the new security engines.

• Query parameters in Learning logs: A new column “Query” is now present in the Learning logs panel displayed logs generated by the “Learning log” node of the workflow. This new column contains the query parameters sent in the requests learned by the node. The query parameters can also be processed and converted to query parameters when learning logs are used to create Sitemaps.

Enjoy these new features and be ready for the next release!

Request information

Do you have questions or need additional information? Simply fill out this form and we will get right back to you.

Marketing permission

I want to receive information from Rohde & Schwarz via

What does this mean in detail?

I agree that Rohde & Schwarz GmbH & Co. KG and the Rohde & Schwarz entity or subsidiary company mentioned in the imprint of this website, may contact me via the chosen channel (email or postal mail) for marketing and advertising purposes (e.g. information on special offers and discount promotions) related to, but not limited to, products and solutions in the fields of test and measurement, secure communications, monitoring and network testing, broadcast and media, and cybersecurity.

Your rights

This declaration of consent may be withdrawn at any time by sending an email with the subject "Unsubscribe" to news@rohde-schwarz.com. Additionally, a link to unsubscribe from future email advertisements is contained in each email sent. Further details on the use of personal data and the withdrawal procedure are set out in the Statement of Privacy.

Your request has been sent successfully. We will contact you shortly.
An error is occurred, please try it again later.