3.3 Web Application Firewall (WAF)
This section is part of the amber and green pathways.
A web application firewall (WAF) is a device dedicated to protecting a web server. On the network, it is placed so that all traffic passes through the WAF before it reaches the web server. A WAF is quite different from a firewall, an IDS, or an IPS, as noted in Table 3. The IPS inspects all data traffic that attempts to enter or leave the network, while the WAF inspects only the web data traffic. That traffic is inspected for specific types of attack on web servers, as well as for the presence of malware in content accessed or downloaded from other sites.
Table 3 WAF vs. IPS

| |Web Application Firewall (WAF)|IPS|
|---|---|---|
|Where in the network?|Placed in front of the web server. It could also be integrated into the web server, for lower loads|Between the firewall and the router connecting to the internet|
|Primary function|Inspects application data traffic (web data traffic) and the content to protect against web-specific attacks|Inspects the data traffic and blocks suspicious data traffic from reaching the firewall|

In cases where the web traffic is small, the WAF, which is a piece of software, is integrated into the web server itself. In cases where there is a substantial amount of web data traffic, a dedicated appliance is used as a WAF.
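
To make the "primary function" row of Table 3 concrete, the following added example (not part of the original course material) sketches in Python how a WAF inspects decoded web request content rather than raw packets. The rule patterns, function names and sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Illustrative signatures (assumed for this example); real rule sets are far larger.
RULES = [
    ("sql-injection", re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+")),
    ("cross-site-scripting", re.compile(r"(?i)<\s*script\b|javascript:")),
    ("path-traversal", re.compile(r"\.\.[/\\]")),
]

def normalise(value, rounds=2):
    """URL-decode up to `rounds` times so double-encoded input is matched in plain form."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_request(raw_request: bytes):
    """Return ("allow", None) or ("block", reason) for one raw HTTP request."""
    head, _, body = raw_request.partition(b"\r\n\r\n")
    parts = head.decode("latin-1").split("\r\n")[0].split(" ")
    if len(parts) != 3:
        return ("block", "malformed-request")
    method, target, _version = parts
    url = urlsplit(target)
    # Application-layer fields: path, query parameters and (for POST) form fields.
    fields = [("path", url.path)] + parse_qsl(url.query, keep_blank_values=True)
    if method == "POST":
        fields += parse_qsl(body.decode("latin-1"), keep_blank_values=True)
    for _name, value in fields:
        text = normalise(value)
        for reason, pattern in RULES:
            if pattern.search(text):
                return ("block", reason)
    return ("allow", None)

# Constructed sample requests (not captured traffic).
SAMPLES = {
    "benign": b"GET /products?id=42 HTTP/1.1\r\nHost: shop.example\r\n\r\n",
    "sqli": b"GET /products?id=42%27%20OR%20%271%27%3D%271 HTTP/1.1\r\nHost: shop.example\r\n\r\n",
    "xss": b"POST /comment HTTP/1.1\r\nHost: shop.example\r\n\r\ntext=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
    "traversal": b"GET /static/%252e%252e%252fsecret.txt HTTP/1.1\r\nHost: shop.example\r\n\r\n",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, inspect_request(request))
```

The double-encoded path in the last sample only matches after two rounds of decoding, which is why the inspection has to understand web encoding rather than match on the bytes as they appear on the wire.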
Next, you’ll have the opportunity to review your learning in the end-of-week practice quiz.