Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

3.3 Web Application Firewall (WAF)

This section is part of the amber and green pathways.

A web application firewall is a device dedicated to protecting a web server. On the network, it is placed such that all traffic first passes through the WAF and then reaches the web server. A WAF is quite different from a firewall, an IDS, or an IPS, as noted in Table 3. The IPS inspects all data traffic that attempts to enter or leave the network, while the WAF inspects only the web data traffic. The traffic is inspected for specific types of attack on web servers as well as presence of malware in the content accessed/downloaded from other sites.

Table 3 WAF vs. IPS

Web Application Firewall (WAF) IPS
Where in the network? Placed in front of the web server. It could also be integrated into the web server, for lower loads Between the firewall and the router connecting to the internet
Primary function Inspect application data traffic (web data traffic) and the content to protect against web-specific attacks Inspects the data traffic and blocks suspicious data traffic from reaching the firewall
Protection against SQL injection, Cross Site Scripting, session manipulation attacks, javascript-based attacks Covers attacks against all components of a networked device – the OS (Windows, MacOS, Linux) and the applications on it (WWW, email, file sharing, etc.)

In cases where the web traffic is small, the WAF – a piece of software – is integrated on to the web server itself. In cases where there is a substantial amount of web data traffic, a dedicated appliance is used as a WAF.

Please complete Quick poll #19 [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)]   now.

Open the poll in a new window or tab then come back here when you’re done.

Next, you’ll have the opportunity to review your learning in the end-of-week practice quiz.

CYBER_B2

Take your learning further371

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses372.

If you are new to university level study, we offer two introductory routes to our qualifications. Find out Where to take your learning next?373 You could either choose to start with an Access courses374or an open box module, which allows you to count your previous learning towards an Open University qualification.

Not ready for University study then browse over 1000 free courses on OpenLearn375 and sign up to our newsletter376 to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371