📄️ Overview
IO River provides consistent security services at the edge. These services are managed via the IO River console and include:
📄️ IO River WAF
IO River Managed WAF provides a pre-configured, enterprise-grade security ruleset designed to protect web applications and APIs from common threats. The ruleset includes protection against the OWASP Top 10 vulnerabilities, such as SQL injection, cross-site scripting (XSS), and insecure deserialization.
📄️ Check Point powered WAF
IO River and Check Point
📄️ Custom Rules
WAF custom rules allow you to define specific conditions and actions to inspect and control incoming web traffic. They enable fine-grained protection tailored to your application’s needs, beyond what the managed WAF provides. You can also use custom rules to affect the behavior of the managed WAF.
📄️ Rate Limiting
Rate limiting rules control how many requests a client or IP address can send to your application within a specific time window. This helps protect against abuse—such as brute-force attempts, credential stuffing, or denial-of-service attacks—by automatically throttling or blocking traffic that exceeds the allowed threshold. It ensures fair usage, reduces load on your application, and enhances overall security.
📄️ Analytics
The WAF Analytics dashboard provides visibility into security events detected and mitigated by the edge security services. It highlights key metrics such as the number of blocked requests, rule matches, and traffic trends over time. These insights help you monitor potential threats, understand how your security services are protecting applications, and adjust security policies as needed.