This section provides question and answers related to CWAAP functionalities.

  1. What is Citrix CWAAP?

    Citrix CWAAP is a cloud service compatible from anywhere for applications to be hosted. Citrix WAF solution integrated with DDoS mitigation service, the combination provides a comprehensive, layered protection stack that proactively prevents bot-based volumetric attacks, and threats that target the application layer, such as SQL, cross-site scripting, CSRF, session hijacking, data exfiltration and zero-day vulnerabilities.

  2. What does Web Application Firewall do in the CWAAP service?

    Citrix Web App Firewall monitors, filters, or blocks inbound and outbound web application traffic that has security attacks.

  3. What does CWAAP DDoS protect?

    CWAAP DDoS protection is a DDoS mitigation service. CWAAP scrubs malicious Internet traffic, allowing clean, legitimate traffic to flow to your infrastructure.

  4. What is a distributed denial-of-service (DDoS) attack?

    A distributed denial-of-service (DDoS) attack is when multiple entities are operating together to attack one target. DDoS attackers often use the use of a botnet—a group of hijacked internet-connected devices to carry out large scale attacks. Attackers take advantage of security vulnerabilities to control numerous devices using command and control software.

  5. What is the goal of a DDoS attack?

    To exhaust network bandwidth, server resources, or applications in such a way that legitimate users cannot access a site. The purpose for such attacks, however, can vary widely.

  6. What are the common Web Application Firewalls (wAF) techniques of Layer 7 attacks?

    • Cross-site scripting (cross-site scripting) is an injection attack in which an attacker injects malicious script into a web application.

    • Cross-site request forgeries (CSRF) trick end users into running state-change actions on a web app with which they are authenticated. Such attacks can instigate actions such as transferring funds or changing email addresses.

    • SQL injections are well-known exploits in which an SQL data is inserted into the query response from a client.