Topsec Web Application Firewall System

Product Overview

Topsec Web Application Firewall System (TopWAF) is a proprietary, independently developed security solution designed to protect web applications. It is built upon Topsec's extensive experience in cybersecurity research.

TopWAF incorporates thousands of built-in security rules curated by the Topsec Alpha Lab (attack and defense research team). It can provide two-way security filtering on the access traffic between the client and the web server, which provides WEB application attack protection, DDOS defense, URL access control, webpage defacement and other functions. Thus, it can effectively defend the occurrence of malicious tampering, sensitive information disclosure, and web server control caused by attacks against web applications. TopWAF serves as a trusted line of defense against web threats for government, enterprise, university, and telecom operator networks.

Activity & Announcement

Hot Products Intelligent Computing Cloud Platform
New Products Ask Large Model
New Products LLM Security Gateway
Typical cases CNCC security construction project

Advantages

Advanced Parallel Security Architecture

TopWAF is developed based on NGTOS 64-bit security operating system which adopts an advanced multi-channel multi-core architecture. NGTOS uses a user-mode protocol stack compatible with TCP/IP features, and avoids the operating system context switch and kernel space to user space data copy in the traditional kernel mode protocol stack, which optimizes system efficiency.

Precise Protection for Web Applications

TopWAF provides accurate and detailed attack protection for Web applications by two-way deep detection of Web application traffic, preventing attacks such as SQL injection, XSS, and CSRF. It can effectively respond to threats and variants defined by OWASP Top 10. For the requests, TopWAF checks the legitimacy and compliance of the request before the attack data arrives at the Web server, and prevents malicious requests or requests with malicious code from accessing the Web application.

Effective Application-Layer DDoS Defense

Compared with network layer DDoS attacks, application layer DDoS attacks are more operative and harmful. Currently, application layer DDoS attacks have become a key direction of Web security protection. Leveraging advanced source reputation analysis, TopWAF dynamically learns malicious traffic based on long-term traffic model learning results and historical records, and effectively defends against DDoS attacks of various types of application layers, such as the current popular HTTP flood, CC, and slow attacks. TopWAF can effectively identify and block the application layer DDoS, ensuring that the web server can provide services for real users and ensure the continuity of customer service.

Intelligent Website Behavior Analytics

TopWAF can display the running status of the system in real time, and display the attack behavior (including attack parameter information, attack type, triggering rules, attack detection process, tampering behavior, DDOS attack information, etc.) in the network to provide threat statistics. It can analyze the attack information of the protected object and display it in the attack event list while generating the attack log. Through the TopWAF log report, the attack source and website vulnerability can be quickly tracked to ensure network security.

2020–2022

Market Recognition

Recognized as Top 3 in China's WAF market by Frost & Sullivan (for the period 2020–2022)

Applications

Enables rapid deployment without the need for IP address reconfiguration (transparent bridge mode). Both clients and servers remain fully unaware after deployment, ensuring rapid go-live. It supports Bypass mode for fast fault recovery and delivers high performance.

Ideal for highly sensitive environments where modifications to the existing network architecture (both physical and logical) are prohibited. (both physical and logical). It is suitable for initial-stage device deployment, facilitating the observation of device performance and the optimization of configurations.

Value to Customers

Regulatory Compliance

Deployment of TopWAF enables compliance with the website security requirements specified in the National Information Security Classified Protection Scheme.

Prevention of Unknown Threats

Leveraging self-learning technology, it enables intelligent modeling based on actual business scenarios and automatically generates protection rules. This standardizes users’ submission behaviors on web applications and provides effective defense against unknown threats.

Sensitive Information Protection

It supports filtering and protection of sensitive data (customizable). By means of masking and replacement, it ensures the security of users’ personal information.

Brand & Reputation Protection

It monitors and recovers website tampering incidents through fingerprint comparison and page caching technologies. Meanwhile, it allows website lockdown during special periods, safeguarding the public image of government agencies and enterprises.

Specification

0 > 0 > 0 >

Model	TWF-73220-E	TWF-83180-E
WAF Throughput	500Mbps	2.2Gbps
Firewall Throughput	3.5Gbps	10Gbps
Concurrent Sessions	900,000	2,000,000
New Sessions/Sec	4,400	21,000
Fixed I/O Ports	8 x GE , 2 x SFP , 2 x SFP+	6 x GE , 4 x SFP
Available Slots for Expansion Modules	2	2
RAM	16GB	16GB
Storage	4TB	1TB
USB Ports	2	2
Form Factor	1 U	2 U
Dimensions (W × D × H, mm)	440×510×44	426×560×89
Power Specification	150W, Single AC	250W, Dual AC
Power Supply	AC 100-240V,50/60 Hz	AC 100-240V,50/60 Hz
Weight	12Kg	18Kg
Working Temperature	0~40℃	0~40℃
Relative Humidity	20~90%, Non-Condensing	20~90%, Non-Condensing

Success Case

University of Science and Technology

After the network upgrade, the traffic of Web services has surged, exposing the university to risks such as Web application attacks and sensitive information leakage. It is imperative to build an efficient and reliable security protection system to ensure the stability of teaching and research services.

Value to Customers：: Regulatory Compliance Prevention of Unknown Threats Sensitive Information Protection Brand & Reputation ProtectionThis helps establish baselines for normal user behavior on web applications

View details

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation

University of Science and Technology

Topsec Web Application Firewall System

Product Overview

Product Service

Security Research

Special Topics in Security

About Us