Entry Gateway and Web Application Firewall


nevisProxy is a secure entry gateway with an integrated web application firewall (WAF). nevisProxy controls user access and protects sensitive data, applications, services, and systems from internal and external threats.

Features and tasks

  • Protection against denial-of-service attacks
  • SSL termination (encryption and acceleration)
  • Session and time-out handling (single session)
  • SSO (single sign-on)
  • Initialization of multi-step authentication
  • Authentication in cooperation with nevisAuth
  • Propagation of user identities incl. additional information (roles) in secure tokens (SAML, JWT, NEVIS SecToken, HTTP Header, etc.)
  • Role-based authorization
  • Cookie caching
  • Renegotiation of client session association
  • Caching and data compression
  • Support of AJAX and WebSockets
  • Protocol validation
  • Content inspection and validation (HTML, XML, JSON, etc.)
  • Input validation (black- and whitelists with self-learning)
  • Virtual patching enables rapid reaction in case of serious security threats
  • URL signing and encryption