Network Resources Blog
January 7, 2020 What is a WAF?
It wasn’t that long ago when a premise based Firewall deployed at a branch office or data center was common place. If you think about how traffic was deployed and used prior to mobile connections, it was mostly hub and spoke. This had advantages such as control of traffic coming into a handful of locations and managing that traffic across firewalls and bandwidth seemed simpler at the time.
Fast forward to the 21st century where proximity based traffic must arrive fast and efficiently serving content to its users or lose subscribers….an imminent death if you’re a content marketing professional.
Web Application Firewalls have now burst on to the scene especially with Cloud workloads requiring some sort of protection across the internet. Most WAFs serve as a reverse proxy in front of whatever web application or service required for protection. What’s great about a WAF is the hardware, software, monitoring etc is handled by the service provider compared to you the operator maintaining all of this across the globe. WAFs also can serve as a service meaning as you need increased bandwidth, additional applications (say you have a few Amazon S3 buckets exposed) etc, you can scale up or down as required. There are some disadvantages where you really need to know where the routing and latency occurs across these WAF deployments. Why? For one, having a WAF in-line to your connection (the firewall receives your user requests first) will already add an additional routing hop and with that some sort of latency. So, if your WAF deployment is in one part of the world and your SaaS application for example is nowhere near it, you will have tremendous amount of latency and thus a poor user experience potentially.
Most WAF providers conform to the OWASP guide and often you will hear the OWASP Top 10 reference which is updated regularly.
So who are some of the WAF providers in the industry? Here’s a Gartner Peer Insights review of some of the major players for your review.