About This Architecture
Five-layer integrated firewall and WAF architecture combining Layer 4 stateful inspection with Layer 7 application-level threat detection. Traffic flows through policy dispatch and rule compilation, then splits into dual detection engines—four-layer ACL filtering and seven-layer WAF protection against SQL injection, XSS, SSRF, CC attacks, and bot abuse. Unified enforcement actions (allow, block, temporary ban, log, alert) feed into centralized management, logging, and alerting via the control plane. The foundation leverages DPDK high-performance I/O, distributed Redis caching, and persistent storage to ensure sub-millisecond latency and 99.99% availability across transparent, routing, and reverse-proxy deployment modes.