Grafik Airlock WAF

Airlock WAF

The Web Application Firewall for the highest demands on IT security

Airlock Web Application Firewall

Within the secure access hub, Airlock WAF acts as a central reverse proxy for all HTTPS connections and protects against web attacks.

Airlock WAF works in conjunction with Airlock IAM to ensure secure session management while serving as a policy enforcement point for authentication and authorisation decisions.

A web portal is a very exposed thing and must be specially secured in every case. It was therefore clear to us that we wanted to protect the web applications from unauthorized access in the best possible way with upstream security functions in a web application firewall (WAF).

Martin Burri, IT Security Officer Visana


Case Study


Airlock WAF

  • Filtering (Attack blocking)
  • Fraud detection
  • Threat Intelligence 
  • Rapid deployment – DevSecOps
  • Reporting & monitoring
  • SIEM integration
  • Virtual patching
  • Load balancing
  • Learning Mode for easier administration
  • MS applications

Airlock Microgateway

With the advent of microservice architectures and DevOps practices, central security gateways concentrating many tasks for all services on a single system have increasingly been challenged. The various stakeholders may have differing requirements, timelines and policies for the single system they share.

Airlock Microgateway it is now available as a container also in a freemium edition.



Airlock Microgateway 2.1 will be available end of May.

Airlock can be quickly and easily deployed in the Google Cloud. Existing Airlock licenses can be used for operation in the Google Cloud. The operation follows the BYOL model (Bring your own Licence).


Just try it.

Airlock can be operated in the Azure Cloud as well. In the Azure Cloud the operation is also carried out in the BYOL model (Bring your own Licence).

Just try it.

Airlock Gateway 7.8 & Microgateway 3.1

Before attacking, some hackers scans their target with a vulnerability scanner. Although an automated tool often does no damage at first, it should be deterred preventively. Just like in sports, "forechecking" hinders the opponent early on, even before he can start the actual attack.

The Airlock Anomaly Shield uses machine learning to detect such automated attacks and malicious bots based on their unusual behavior. It has been proven in production as part of our innovation program. With Airlock Gateway 7.8, the sensors of the Anomaly Shield have been improved: in practice, for example, a vulnerability scan is stopped within a few requests. The configuration has also been further simplified: you don't need a doctorate in Data Science for implementation and maintenance, but only a few minutes.

Read more

Filtering of application-based attacks

Airlock WAF analyses traffic moving between users and services. Attempted attacks on applications are blocked before they can reach the in-house systems. 

Airlock WAF provides comprehensive protection against the OWASP Top 10 vulnerabilities and enables centralised management of security policies. Thanks to these innovative security functions, you can always stay ahead of attackers.

Learn more about filtering

Policy enforcement point

Working in conjunction with Airlock IAM, Airlock WAF serves as a policy enforcement point for security guidelines, allowing only filtered, authenticated and authorised access.

This combination of access management and content filtering guarantees security, with no compromises.

Security dashboards

Thanks to built-in dynamic reporting, decision makers have an overview of attempted attacks at all times. Operational problems such as performance bottlenecks or back-end problems are also displayed. Interactive drill-down from the dashboards, along with the display of the log lines causing the issue, facilitate the in-depth analysis of every attempted attack.

Learn more about reporting and SIEM integration

Airlock Threat Intelligence

Airlock WAF seamlessly integrates Webroot's Threat Intelligence Service. Based on the categories and trust levels provided, this automatically blocks dangerous clients and further increases application protection against misuse. Webroot BrightCloud® Threat Intelligence Services is a proactive, automated security solution that provides effective, real-time policy enforcement against the latest threats.


Reverse proxy functionality and high availability

Airlock WAF is a reverse proxy that makes it possible to virtualise in-house services and applications for external access. The integrated load balancer also ensures the high availability of applications and services. Even complex issues such as the configuration of TLS security and certificate management can be dealt with upstream on the central proxy.

Thanks to integrated Let’s Encrypt support, certificate renewals can even be completely automated.

Learn more about high availability

Central hub

Airlock WAF provides a host of interfaces with peripheral systems such as SIEM systems, virus scanners, fraud-prevention systems and HSMs. Thanks to its integrated threat intelligence feed, Airlock WAF reacts immediately to real-time threat situations on the Internet, protecting systems from new and potentially harmful hazards. Additional components can be integrated via the high-availability capable ICAP interface.


With its comprehensive REST API, Airlock WAF is easy to integrate into modern DevOps pipelines and can be supplied as virtual appliance or cloud image.

Learn more about DevSecOps

Toward DevSecOps

In a DevSecOps culture, every agile team has a security expert. He fulfills non-functional requirements, so the product owner includes security in the development plan.

Read this whitepaper to learn key insights on how to successfully and efficiently implement DevSecOps, what security components are needed to make it happen, and the benefits of a microgateway architecture.

Request Whitepaper DevSecOps


Virtual appliance

Airlock cloud image

Microgateway as a container

Our whitepapers

Zero Trust is a journey

The digital transformation of the world continues to progress, and it is profoundly affecting private life and job profiles. Lern more about the effects of ongoing digitization and how it affects modern information technology

Request Whitepaper Zero Trust

Airlock 2FA

The two-factor authentication (2FA, MFA or SCA for short) in the area of IT security offers double the security. In combination with efficient customer identity & access management (cIAM), numerous processes are significantly simplified. Find out more about strong authentication and the possibilities that Airlock offers in our whitepaper.

Request Whitepaper Airlock 2FA

From spoilsport to the pioneer of digitisation

Digitisation is presenting businesses with new challenges which go far beyond information technology. This primarily relates to an aspect which is becoming increasingly important: IT security. Learn how IT security is accelerating digitization.

Request Whitepaper IT Security

Accelerate digitisation

In order to stay technically viable in this digital transformation, companies must increasingly switch to hybrid cloud environments. This requires new security approaches as well as a mature customer identity and access management system. Learn more about this topic in our whitepaper in cooperation with our partners Deloitte, eperi und SHE.

Request Whitepaper Accelerate digitisation

Ready for excellent IT security?

Contact us now.
Ergon Informatik AG+41 44 268 87 00

Information for you

-Our whitepapers-

Visit us at it-sa!

From 8 to 10 October you can visit us at the it-sa, the largest IT security event in Europe. Learn the latest news about application security, API security, access management and cloud security. In our congress on 9 October you can learn in many further lectures how you should turn your IT security from a spoilsport to an accelerator of your digitization projects.

Register now and get a free ticket

Study Application and API Security 2022

In a recent study in cooperation with CIO, CSO and COMPUTERWOCHE, Ergon Airlock looked at application and API security in the container environment.

Request study

Zero Trust is a journey

The digital transformation of the world continues to progress, and it is profoundly affecting private life and job profiles in a manner that was hard to imagine just a few years ago.

This whitepaper covers the effects of continuous digitization and its implications.

Request free of charge

Toward DevSecOps

In this whitepaper, you will learn the most important insights into how you can successfully and efficiently implement DevSecOps, which security components are required for this, and what benefits a microgateway architecture brings.

Request free of charge

Airlock 2FA - Strong Authentication. Easy.

The two-factor authentication in the area of IT security offers double the security.

Find out more about strong authentication and the possibilities that Airlock offers in our whitepaper.

Request free of charge

Further whitepapers

We provide whitepapers on these and other topics free of charge:

  • successful IAM projects
  • Compliance
  • Data protection (GDPR)
  • Introduction of PSD2
  • PCI DSS requirements
Request free of charge