Junos WebApp Secure (JWAS) FAQ

  [KB25053]


Summary:
I've heard of Junos WebApp Secure (JWAS), formerly known as Mykonos Web Security (MWS Series), but what is it? Below are some of the frequently asked questions about JWAS.
Solution:
Frequently Asked Questions about the Junos WebApp Secure (JWAS) product.
  • Is JWAS an appliance or software product?
    Junos WebApp Secure is a software product that is deployed wherever your web applications live. It can be deployed in three ways: as a hardware appliance, as a virtual machine with VMware, or in the cloud in Amazon Web Services.
  • Is JWAS available as a Hardware Appliance?
    Yes.  The MWS1000 Hardware Appliance was released in December 2012.  It is a 1RU chassis that supports up to 800Mb/sec of traffic.
  • Does JWAS support High Availability?
    Yes. Using a pair of MWS1000 Hardware Appliances, JWAS can be configured to run as an Active/Passive pair to support HA deployments.
  • Are you a Web application firewall (WAF)?
    No, Junos WebApp Secure is a Web Intrusion Prevention System. We protect web applications, but the techniques we use are very different from a traditional signature-based WAF. However, for the purposes of PCI compliance we help companies satisfy PCI 6.6.
  • Where does the JWAS sit on my network?
    At the most basic level, Junos WebApp Secure sits in the DMZ between your Firewall and your Application Servers, acting as a reverse proxy, protecting your site with its unique Intrusion Deception technology.  Detailed deployments can be somewhat more complicated, but essentially it will be the device "just inside the edge."
  • Are you a Network Intrusion Prevention System?
    No, Junos WebApp Secure protects your web traffic and only deals with the HTTP and HTTPS protocols.
  • Does JWAS integrate with other Juniper Security products?
    Yes.  With the release of version 5.0, JWAS can integrate with SRX firewalls, and can also work with STRM.
  • Do you meet PCI Compliance requirements?
    Yes, according to PCI 6.6, Junos WebApp Secure helps companies meet the requirements.
  • What web applications or websites can you protect?
    We are application agnostic. You can put Junos WebApp Secure in front of any Web application or website because it does not require you to change a single line of code.
  • Do you use signatures? Is your product signature based?
    No. Unlike all traditional WAFs, we are not signature-based. A solution that is primarily based on signatures cannot detect attacks that have not been witnessed in the past. Our approach is based on detecting hacker behavior instead of specific attack vectors, and is built on injecting deceptive detection points into the code that are of particular interest to hackers. Hackers identify themselves by “touching” our injected tar traps, among other attack behaviors. We do use some signatures to detect behaviors based on abnormal traffic or known attack vectors, but additional qualification is performed (factoring in all data collected about the user) to ensure that false positives do not arise.
  • How can you claim that you create “No false positives”?
    Quite simple. We are very different from signature-based security products like WAFs. We inject detection points into the code which a normal user would never see. Therefore, if somebody manipulates one of our detection points, by definition they have to be a malicious user, because the detection points they are touching are fake and not a part of the application – they are deceptive tar traps that identify attackers with no chance of a false positive. Deception, coupled with strong tracking and correlation, ensures that any additional security event information is qualified for accuracy before becoming visible in the system.
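To make the detection-point idea in the last two answers concrete, here is a minimal sketch of one kind of detection point: a hidden form field added by a reverse proxy and checked on the way back in. This is an added illustration, not JWAS code or a description of how JWAS is implemented; the field name, key, and event names are assumptions made for the example.

```python
import hashlib
import hmac
import re
from typing import Optional, Tuple
from urllib.parse import parse_qs, urlencode

SECRET = b"constructed-demo-key"  # constructed; use a random per-install key in practice
TRAP_FIELD = "acct_debug"         # hypothetical field name the real application never uses


def trap_value(session_id: str) -> str:
    """Expected trap value, bound to the session so a value copied from another session fails."""
    return hmac.new(SECRET, session_id.encode(), hashlib.sha256).hexdigest()[:16]


def inject_trap(html: str, session_id: str) -> str:
    """Proxy response path: add a hidden input before every closing form tag."""
    field = f'<input type="hidden" name="{TRAP_FIELD}" value="{trap_value(session_id)}">'
    return re.sub(r"(?i)</form>", lambda m: field + m.group(0), html)


def check_request(body: str, session_id: str) -> Tuple[str, Optional[str]]:
    """Proxy request path: strip the trap before forwarding and report what happened to it.

    Returns (body_for_backend, event); event is None when the trap came back untouched.
    """
    params = parse_qs(body, keep_blank_values=True)
    values = params.pop(TRAP_FIELD, None)
    clean = urlencode(params, doseq=True)
    if values is None:
        # A browser that rendered the form always sends hidden fields; treat as a weak signal.
        return clean, "trap_missing"
    expected = trap_value(session_id).encode()
    # Compare as bytes: compare_digest rejects non-ASCII str, which a client can send.
    if len(values) == 1 and hmac.compare_digest(values[0].encode(), expected):
        return clean, None
    return clean, "trap_tampered"


if __name__ == "__main__":
    sid = "sess-1"  # constructed session id
    print(inject_trap('<form action="/login"><input name="user"></form>', sid))
    print(check_request(f"user=alice&{TRAP_FIELD}=true", sid))
```

The backend never sees the trap field, which is why no application code has to change; events would still be correlated with other data about the client before acting on them, as the answers above describe.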
Modification History:
2019-03-25: KB reviewed for accuracy