The jetNEXUS Application Firewall is an appliance that protects a Web application by controlling its input and output and the access to and from the application by inspecting the HTTP conversation between the application and clients according to a set of rules.
These rules cover common attacks such as cross-site scripting (XSS), SQL injection, session hijacking and buffer overflows which network firewalls and intrusion detection systems are often not capable of doing. The rules may be also used to enforce security policies required by PCI DSS or other security standards in order to block leakage of sensitive information like credit card numbers. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.