WAF for MSP Tools

WAF-for-MSPs is an add-on integration to our reverse proxy service to provide web application firewalling for MSP tools.

Security is of the utmost importance for RMM systems, as MSPs continue to be the targets of cybersecurity attacks. New software vulnerabilities are found at an accelerating pace, and zero-day attacks are on the rise. This leaves many MSPs concerned about potential attacks on their tools, like ConnectWise Automate, which has had remotely exploitable SQL injection and XXE vulnerabilities in the past. A WAF is an ideal solution to such attacks, but they are typically complex to implement and tend to have a high rate of false positives.

Here at Automation Theory, we’ve created a WAF module for our reverse proxy service that’s tuned for MSPs. This allows for a drop-in deployment of a WAF where traffic passing through the reverse proxy instance is sent to the WAF for scoring (much like a spam filter). Based on the score, the proxy will pass or block the traffic, seamlessly integrating into the other security layers provided by the reverse proxy.

Benefits

Supported Applications

	Application	WAF Support
	Connectwise Automate
	Connectwise ScreenConnect
	Connectwise Manage
	Hudu
	Bitwarden

Features

Deep inspection of inbound traffic
- Blocking of common exploits (including OWASP Top 10)
- Blocking of suspicious requests (including bots, malformed requests, and protocol violations)
Fully managed service
Rules tuned for MSP applications
Seamless integration with Reverse-Proxy-as-a-Service

A typical MSP application has no native protections against application exploits, and a bad actor with a zero-day vulnerability could trivially launch an attack. A WAF can address this issue and add further layers of security to protect against attack. Below is a recorded webinar displaying this feature set with Connectwise Automate.

WAF attack prevention example

Below is an example of the WAF blocking a SQL injection attempt. When the request is sent, the attack is detected, the proxy responds with a 405 error, and the malicious request never reaches the Automate server.

Next Steps

Ready to get started?

Please fill out the form below if you’d like to set up a trial of our WAF service:

Need a quote?

Use our self-service quote form below to get a quote delivered directly to your inbox.

	Easy Deployment	Transparent implementation with reverse proxy
	Fully Managed	Continuous monitoring for false positives and rule updates
	Designed for MSPs	All parts of the service are designed with MSP workflows in mind

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.