While deliberating on type of security to be employed for Web-facing applications or e-commerce servers, designers and administrators may find this challenging whether Network firewall or Web application Firewall addresses the security requirement of such deployment.
While one school of thought may argue that perimeter security (provided by Network Firewalls) is the essential item secured traffic flow, others may support Web Application firewall considering its ability to provide security from Layer 7 attacks.
Related – Firewall Security Level
So, lets 1st understand the basics of WAF (Web Application Firewall) and Network Firewall.
WAF or Web Application Firewall –
A Web Application Firewall is a network security firewall solution that protects web applications from HTTP/S and web application-based security vulnerabilities.
Some of the most common types of attacks which are targeted at web servers (Web Applications) include –
- SQL injection attacks
- cross-site scripting (XSS) attacks
- DDoS attacks.
Know more about WAF
Network Firewall –
Network Firewall is a device which controls access to a secured LAN network to protect it from unauthorized access.
A firewall acts as a filter which blocks incoming non-legitimate traffic from entering the LAN network and cause attacks.
The main purpose of a firewall is to separate a secured area (Higher security Zone / Inside Network) from a less secure area (Low-security Zone / Outside Network etc.) and to control communications between the two.
A firewall also controls inbound and outbound communications across devices.
Now that we have clarity of fundamentals of WAF and Network Firewall, below table references on how both technologies differ from each other
WAF vs Network Firewall –
Detailed comparison table of web application firewall vs firewall –
|Philosophy||A Web Application Firewall (WAF) is a network security firewall solution that protects web applications from HTTP/S and web application-based security vulnerabilities.||Network Firewall is a device which controls access to secured LAN network to protect it from unauthorized access. Firewall acts as a filter which blocks incoming non-legitimate traffic from entering the LAN network and cause attacks.
|OSI Layer coverage||Layer 7||Layer 3 - 4
|Modes of operation ||* Active Inspection|
* Passive mode
|* Transparent mode
* Routed mode
|DDOS Protection||Application Layer||Basic level only at Network Layer
|Target objects protection||Protects HTTP/HTTPs based servers and Applications placed in Internet facing Zones of Network Firewall||Protection of user and organizational IT assets including applications, Servers and management.
|Placement in Network||Close to Web/Internet Facing Applications||On Perimeter of Network (Commonly Internet)
|Web Application protection||All-encompassing, including complete coverage of application layer ||Minimal
|Access Control||Not possible||Possible
|Algorithms||* Signature based|
* Anomaly detection
|* Packet filtering
* Stateful/stateless inspection
|Related attacks protection||* SQL injection attacks|
* Cross-site scripting (XSS) attacks
* DDoS attacks.
|* Attack from less secured zones.
* Unauthorised users accessing private networks