F5

ADVANCED WEB APPLICATION FIREWALL (WAF)

Protect your apps, APIs, and data against the most prevalent cyberattacks – zero-day vulnerabilities, application-level DoS attacks, threat campaigns, application takeovers, and bots.

Application attacks are the leading cause of breaches – they are the gateway to your valuable data. With a proper WAF, you can block the range of attacks that seek to exfiltrate this data by compromising your systems.

How does a web application firewall (WAF) work?

A WAF protects your web applications by filtering, monitoring, and blocking any malicious HTTP/S traffic going to the web application and prevents any unauthorized data from leaving the application. It does this by adhering to a set of policies that help determine which traffic is malicious and which is safe. Just as a proxy server acts as an intermediary to protect a client’s identity, a WAF works in a similar way, but in reverse – called a reverse proxy – acting as an intermediary that protects the web application server from a potentially malicious client.

WAFs can come in the form of software, an appliance, or be delivered as a service. Policies can be customized to meet the unique needs of the web application or set of web applications. While many WAFs require regular policy updates to address new vulnerabilities, advances in machine learning allow some WAFs to be updated automatically. This automation becomes increasingly critical as the threat landscape continues to grow in complexity and ambiguity.

The difference between a web application firewall (WAF), an intrusion prevention system (IPS) and a next generation firewall (NGFW)

An IPS is an intrusion prevention system, a WAF is a web application firewall, and an NGFW is a next-generation firewall. What is the difference between them all?

An IPS is a security product with a broader purpose. It is usually signature and policy based, which means that it can check for well-known vulnerabilities and attack vectors based on a database of signatures and established policies. An IPS sets a standard based on the database and policies, then sends alerts if traffic deviates from that standard. Signatures and policies grow over time as new vulnerabilities become known. In general, an IPS protects traffic across a range of protocol types, such as DNS, SMTP, TELNET, RDP, SSH, and FTP. An IPS typically operates at and protects layers 3 and 4 (the network and session layers), although some may provide limited protection at the application layer (layer 7).

A web application firewall (WAF) protects the application layer and is specifically designed to analyze every HTTP/S request at that layer. It is usually user-, session- and application-aware: it knows the web applications behind it and the services they provide. For this reason, you can think of a WAF as an intermediary between the user and the application itself, analyzing all communications before they reach the application or the user. Traditional WAFs ensure that only allowed actions (based on security policy) can be performed. For many organizations, WAFs are a trusted first line of defense for applications, especially to protect against the OWASP Top 10 – the foundational list of the most observed application vulnerabilities.

A next-generation firewall (NGFW) monitors traffic going to the Internet – between websites, email accounts and SaaS. In short, it protects the user (from the web application). An NGFW enforces user-based policies and adds context to security policies, in addition to adding features such as URL filtering, anti-virus/anti-malware and possibly its own intrusion prevention system (IPS).

While a WAF is typically a reverse proxy (used by servers), NGFWs are often forward proxies (used by clients such as a browser).

Discover the benefits of the F5 WAF

Advanced application protection

Advanced WAF combines machine learning, threat intelligence and deep application expertise.

Behavioral DoS

Behavioral analytics and machine learning ensure highly accurate L7 DoS detection and mitigation.

Protections for OWASP Top 10

Defends mission-critical applications from today's biggest security problems, the OWASP Top 10 Vulnerabilities.

API protocol security

Implements tools that secure GraphQL, REST/JSON, XML and GWT APIs.

Security as code

API-based declarative deployment and configuration allows security to be provided as code.

Protection against credential theft

Protects against brute force attacks using stolen credentials.

Data encryption in the browser

Encrypts data at the application level to protect against data-mining malware and man-in-the-browser attacks.

Proactive defense against bots

Protects applications from automated attacks by bots and other malicious tools.

WHY ADVANCED WAF?

Protect against the most widespread attacks on your apps, without having to update the apps themselves.

Automated attacks and bots

Automated attacks and bots can overwhelm application resources.

Web application and API attacks

New attack surfaces and threats due to the rapid adoption of APIs.

Application-level attacks

Application-level attacks can bypass signature and reputation-based security solutions.

Attacks on customers' phones

Bots targeting customers using the browser and mobile phones.

Credential theft

Attacks that steal application credentials or take advantage of compromised accounts.

Targeted attack campaigns

Active attack campaigns are difficult to detect compared to individual attacks.

MODERN APPLICATIONS NEED A GLOBAL MANAGEMENT APPROACH

Analyze, debug, automatically adapt, and control every F5 application, service, and device (virtual and physical) in any environment – all from a single centralized, role-specific pane of glass.

Got questions? Ask a Xontech Systems expert