What is WAF –
WAF is an abbreviation for Web Application Firewall. A Web Application Firewall (WAF) is a network security firewall solution that protects web applications from HTTP and web application-based security vulnerabilities.
Need for WAF –
In spite of networks deployed with proxies, IPS/IDS devices including network firewalls in their network to prevent attacks, web applications are still vulnerable to other attacks.
Some of the most common types of attacks which are targeted at web servers (Web Applications) include –
- SQL injection attacks
- cross-site scripting (XSS) attacks
- DDoS attacks.
WAF devices are widely used to protect websites, E-commerce, mobile apps and other online applications. A WAF is deployed between application servers and network edge routers and firewalls.
A WAF filters, monitors, and blocks HTTP/HTTPS traffic to and from a web application to protect against attack to compromise the system data.
WAF solutions also become more important especially in financial customers they can also help your organization comply with PCI-DSS and HIPAA regulations.
WAF Appliances –
Some of WAF Appliances preferred across the globe are –
- Imperva SecureSphere
- Barracuda Web Application Firewall
- Citrix Netscaler Application Firewall
- Fortinet FortiWeb
- F5 BIG-IP Application Security Manager (ASM)