EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFAzure Web Application Firewall
Azure Web Application Firewall
Azure Web application Firewall provides Centralized protection to all your Web applications from common exploits and Vulnerabilities and attacks like SQL Injection, Cross-Site Scripting etc.
In Normal Scenarios, preventing applications code is little bit challenge, because it requires rigorous maintenance, patching, Monitoring at multiple layers of Applications.
A WAF Solution react to any security threat faster by centrally patching a known vulnerability, instead of securing each individual web application.
WAF can be easily deployed with following Services:
- Azure Application Gateway
- Azure Front Door
- Azure Content Delivery Network
Let’s discuss one by one and learn how WAF works with these services.
Azure WAF on Azure Application Gateway
Azure Waf on Application Gateway is based on Core Rule Set (CRS) from Open Web Application Security Project (OWASP).
You know that Application gateway has two versions of WAF SKU:
- Application gateway WAF_v1
- Application gateway WAF_v2
WAF policy association only supports on Application gateway WAF_v2
Below figure describes how WAF works on Application gateway
Application gateway operates as an application delivery controller (ADC). It provides Transport layer Security or SSL Termination, cookie-based session affinity, round robin load distribution, content-based routing, host multiple websites and security enhancement.
In Security Enhancement, it includes TLS policy management and end-to-end TLS support. When WAF is integrated to Application Gateway, it protects your application against common vulnerabilities.
WAF Benefits on Application Gateway
Below are some benefits of WAF when used on Application gateway
Protection:
- Protect your web applications from web vulnerabilities and attacks without modification to back-end code.
- Protect multiple web applications at the same time. An instance of Application Gateway can host up to 40 websites that are protected by a web application firewall.
- Create custom WAF policies for different sites behind the same WAF
- Protect your web applications from malicious bots with the IP Reputation ruleset
Monitoring
- Monitor attacks against your web applications by using a real-time WAF log. The log is integrated with Azure Monitor to track WAF alerts and easily monitor trends.
- The Application Gateway WAF is integrated with Microsoft Defender for Cloud. Defender for Cloud provides a central view of the security state of all your Azure, hybrid, and multicloud resources.
Customization
- Customize WAF rules and rule groups to suit your application requirements and eliminate false positives.
- Associate a WAF Policy for each site behind your WAF to allow for site-specific configuration
- Create custom rules to suit the needs of your application
Comment
TABLE OF CONTENTS
RECENT POSTS
- Advancing Your Career with Cisco Data Center Mastery: A Comprehensive Guide to Nexus Training
- Securing Networks in the Digital Age: Your Guide to Mastering Cisco Identity Services Engine (ISE)
- Becoming an AWS Solution Architect: Your Path to Cloud Expertise
- Navigating Your Journey to Docker Expertise: Master Docker with Comprehensive Training and Certification
- Transform Your Azure Networking Expertise Through AZ-700 Training
- Why Choose DClessons for Your SD-WAN Velocloud Training Needs
- Next-Level Networking: Unlocking Cisco ACI and DCACIA Potential with DClessons
- Mastering Data Center Technologies with DClessons: A Comprehensive Guide to Cisco CCIE Data Center Training
- Why Choose Cisco SD-WAN Solutions with DClessons?
- What is Docker and Why is It Important?
LEAVE A COMMENT
Please login here to comment.