Northwall Tech

Network, Cyber Security, Public Cloud & DevOps Specialists.

What we do

We secure and harden critical platforms so they're fast, reliable and compliant — on-prem or in the cloud. From traffic flow to certificates and network design, we sort the foundations so you can get on with delivery.

Get in touch
All systems operational. Last scan: 0 Critical , 4 High , 5 Medium , 1 Low , 13 Informational
northwall@app:~$

    


    

      
Contact us

      

        
        
        

        
        


        
        

        
      



      
By submitting this form you agree we may contact you about your enquiry. We do not share your data.

    


      


  
Packet Journey

  
A visual of how we help manage, protect, and strengthen your packet journey from client to origin.

  
sequenceDiagram
    participant C as Client
    participant F as FW
    participant W as LB/WAF
    participant O as Origin

    %% TCP: full 3-way handshake (Client ↔ FW / edge)
    C->>F: TCP SYN (MSS≈1460)
    F-->>C: TCP SYN/ACK
    C->>F: TCP ACK
    Note over C,F: TCP connection established

    %% TLS handshake (Client ↔ WAF): SNI + ALPN proposal/selection
    C->>W: TLS ClientHello (SNI, ALPN:h2)
    W-->>C: TLS ServerHello (ALPN:h2, cert)
    C-->>W: Finished
    W-->>C: Finished
    Note over C,W: TLS 1.3 established (HTTP/2)

    %% Application data (HTTP/2)
    C->>W: HTTP/2 request
    W->>O: HTTP/2 request + X-Forwarded-For
    O-->>W: HTTP/2 response (+ HSTS)
    W-->>C: HTTP/2 response

    %% Optional: if WAF re-encrypts to origin
    Note over W,O: If TLS to origin: ALPN negotiated here (h2)




    
    

      
Next-gen transport: HTTP/3 with QUIC & TLS 1.3

      
From TCP handshakes to QUIC streams — the evolution of your packet journey. Client-to-edge uses QUIC (UDP/443) with TLS 1.3 built in. At the origin, backend typically uses HTTP/2 or HTTP/1.1 over TLS; HTTP/3-to-origin may be available in specific configurations.

      
sequenceDiagram
participant Client
participant Edge as CDN/Edge (WAF)
participant Origin

Client->>Edge: QUIC Initial (UDP/443) + TLS 1.3 ClientHello (ALPN=h3, SNI)
Edge-->>Client: QUIC Handshake + TLS 1.3 ServerHello (ALPN=h3)
Note over Client,Edge: HTTP/3 established (QUIC streams)

Client->>Edge: GET / (HTTP/3)
alt Typical origin
  Edge->>Origin: GET / (HTTP/2 over TLS, ALPN=h2)
else Legacy origin
  Edge->>Origin: GET / (HTTP/1.1 over TLS)
else When enabled
  Edge->>Origin: GET / (HTTP/3 over QUIC)
end
Origin-->>Edge: 200 OK
Edge-->>Client: 200 OK (HTTP/3)