针对Web攻击,传统防火墙对应用层防护存在不足,而Web 应用防火墙可利用其架构的技术优势,应对繁多的攻击方式.给出二维安全防护系统及Web 服务器核心内嵌模型,进一步给出Web 应用防火墙设计实现方案.实验表明,该系统能够解决Web应用安全问题,具有较高的网络性能,支持策略的定制与扩展.%In light of the Web attacks, traditional firewall has its weakness in application layer protection, but Web application firewall can use its architecture technology advantage to deal with the various attack methods. The two-dimensional security protection system and the embedded model of Web server core are presented, and the Web application firewall design and implementation scheme are further provided. Experimental results show that, the system can solve the security problems of Web application, and has preferable network performance, and supports the customisation and extension of strategies as well.
展开▼