While deliberating on type of security to be employed for Web facing applications or e-commerce servers , designers and administrators may find this challenging whether Network firewall or Web application Firewall addresses the security requirement of such deployment. While one school of thought may argue that perimeter security (provided by Network Firewalls) is the essential item secured traffic flow, others may support Web Application firewall considering its ability to provide security from Layer 7 attacks.
So, lets 1st understand the basics of WAF (Web Application Firewall) and Network Firewall.
A Web Application Firewall is a network security firewall solution that protects web applications from HTTP/S and web application-based security vulnerabilities. Some of the most common types of attacks which are targeted at web servers (Web Applications) include –
- SQL injection attacks
- cross-site scripting (XSS) attacks
- DDoS attacks.
Network Firewall is a device which controls access to secured LAN network to protect it from unauthorized access. Firewall acts as a filter which blocks incoming non-legitimate traffic from entering the LAN network and cause attacks. The main purpose of a firewall is to separate a secured area (Higher security Zone / Inside Network) from a less secure area (Low security Zone / Outside Network etc.) and to control communications between the two. Firewall also controls inbound and outbound communications across devices.
Now that we have clarity of fundamentals of WAF and Network Firewall, below table references on how both technologies differ from each other –