Zoomtutorials
  • Tutorials
    • DevOps
      • Terraform
      • Git
      • GitHub
      • Jenkins
      • Docker
      • Kubernetes
      • Ansible
      • Python
      • Azure DevOps
      • AWS DevOps
    • Cloud
      • AWS
      • Azure
      • GCP
      • Oracle Cloud
      • Alibaba Cloud
      • IBM Cloud
      • DigitalOcean
      • Linode
    • Microsoft Dynamics ERP
      • Dynamics 365
        • D365 FnO
        • D365 BC
      • Dynamics AX
      • Dynamics NAV
      • Dynamics GP
      • Dynamics CRM
    • Azure DevOps
      • Azure Boards
      • Azure Repos
      • Azure Pipelines
      • Azure Test Plans
      • Azure Artifacts
      • Extensions Marketplace
    • AWS DevOps
      • CodeStar
      • CodeCommit
      • CodeBuild
      • CodeDeploy
      • CodePipeline
      • CodeArtifact
    • Web Server
      • IIS
      • Apache
      • NGINX
      • Tomcat
      • NodeJS
    • Microsoft
      • Office 365
      • Microsoft 365
      • SharePoint
      • MS Dynamics ERP
  • Development
    • Application
      • Magento 2
      • Magento
      • WordPress
      • PHP
      • .Net
      • .Net Core
      • NodeJS
      • JAVA
    • Database
      • Microsoft SQL Server
      • MySQL
      • MariaDB
      • Amazon Aurora
      • SQL Proxy
  • HowTos
    • Linux OS
      • RHEL
      • Ubuntu
      • CentOS
      • Fedora
      • Debian
    • Linux Tips
      • Linux Commands
      • Linux Tricks
      • Linux Cheatsheet
    • Windows OS
      • Server 2019
      • Server 2016
      • Server 2012
      • Server 2008
      • Windows 11
      • Windows 10
      • Windows 8
      • Windows 7
    • Windows Tips
      • Windows Commands
      • Windows Shortcuts
  • Tools
    • Monitoring
      • New Relic
      • ELK Stack
    • Security
      • Firewall
      • Internet Security
      • Antivirus
    • Backup
      • SQL Backup
      • Iperius Backup
  • Courses
  • News
  • More…
    • Services
    • Write For Us
    • Hire Us
    • Community
    • Donate ❤️
    • Contact Us
Facebook Twitter Instagram
Zoomtutorials
  • Tutorials
    • DevOps
      • Terraform
      • Git
      • GitHub
      • Jenkins
      • Docker
      • Kubernetes
      • Ansible
      • Python
      • Azure DevOps
      • AWS DevOps
    • Cloud
      • AWS
      • Azure
      • GCP
      • Oracle Cloud
      • Alibaba Cloud
      • IBM Cloud
      • DigitalOcean
      • Linode
    • Microsoft Dynamics ERP
      • Dynamics 365
        • D365 FnO
        • D365 BC
      • Dynamics AX
      • Dynamics NAV
      • Dynamics GP
      • Dynamics CRM
    • Azure DevOps
      • Azure Boards
      • Azure Repos
      • Azure Pipelines
      • Azure Test Plans
      • Azure Artifacts
      • Extensions Marketplace
    • AWS DevOps
      • CodeStar
      • CodeCommit
      • CodeBuild
      • CodeDeploy
      • CodePipeline
      • CodeArtifact
    • Web Server
      • IIS
      • Apache
      • NGINX
      • Tomcat
      • NodeJS
    • Microsoft
      • Office 365
      • Microsoft 365
      • SharePoint
      • MS Dynamics ERP
  • Development
    • Application
      • Magento 2
      • Magento
      • WordPress
      • PHP
      • .Net
      • .Net Core
      • NodeJS
      • JAVA
    • Database
      • Microsoft SQL Server
      • MySQL
      • MariaDB
      • Amazon Aurora
      • SQL Proxy
  • HowTos
    • Linux OS
      • RHEL
      • Ubuntu
      • CentOS
      • Fedora
      • Debian
    • Linux Tips
      • Linux Commands
      • Linux Tricks
      • Linux Cheatsheet
    • Windows OS
      • Server 2019
      • Server 2016
      • Server 2012
      • Server 2008
      • Windows 11
      • Windows 10
      • Windows 8
      • Windows 7
    • Windows Tips
      • Windows Commands
      • Windows Shortcuts
  • Tools
    • Monitoring
      • New Relic
      • ELK Stack
    • Security
      • Firewall
      • Internet Security
      • Antivirus
    • Backup
      • SQL Backup
      • Iperius Backup
  • Courses
  • News
  • More…
    • Services
    • Write For Us
    • Hire Us
    • Community
    • Donate ❤️
    • Contact Us
Facebook Twitter Instagram YouTube LinkedIn
Zoomtutorials
Home»Tutorials»Azure»Azure Web Application Firewall (WAF) Use Cases
Azure

Azure Web Application Firewall (WAF) Use Cases

Choudhury SBy Choudhury SApril 15, 2020Updated:September 14, 2020No Comments4 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Share
Facebook Twitter LinkedIn Pinterest Email

Why we need a WAF?

Just as an online retail customer can interact with an online retail site, hackers can conduct malicious interactions as well.  These attacks predominantly occur as SQL injections, cross-site scripting and malicious file executions.  A modern day WAF is designed to protect against these and other OWASP Top Ten application risks.  Azure WAF is able to discern fraudulent interactions from legitimate traffic.  This is a highly complex task as hackers today weave their attack code within safe-looking website traffic.  A WAF accomplishes this by intercepting and analyzing each and every HTTP request before they reach the web application.

WAF is also designed to perform SSL termination.  Much of today’s web traffic is encrypted in order to protect the data being transferred within the web session.  HTTPS works both ways however, in that it also protects malicious hacking code from being scrutinized as well.  Many hackers take advantage of this, using HTTPS as a camouflage to avoid detection.

Because a WAF stands between the public and the web application, it is able to decouple the traffic between the web server and the internet.  SSL certificates are hosted on the WAF, thus terminating the encrypted connection.

img 5e972018079d6 - Azure Web Application Firewall (WAF) Use Cases
Image: Azure Web Application Firewall

Use Cases:

1: Protect websites and applications

The primary function of a WAF is to protect applications that communicate over HTTP, including websites, API endpoints, and server less functions.

WAFs are the first layer of defence for the web. They can detect and block known and unknown attacks, lock down insecure systems, prevent data leaks, control access to URLs and ports, and mitigate the risk of inadequately configured servers.

A WAF provides all the benefits of a regular network firewall and more. It can detect advanced attacks such as the ones described in the OWASP Top 10 Threats list, enforce security policies, and ensure SSL security mechanisms.

2: Comply with security and regulatory standards

While threat prevention is the primary use case for a WAF, it’s not by any means the only one. Any website that processes or stores credit card data must comply with the Payment Card Industry Data Security Standard (PCI-DSS). Non-compliance can have grave consequences; breaches or credit card frauds in uncertified systems are heavily fined.

PCI-DSS mandates that websites must pass a security assessment (Requirement 6.6). The requirement can be fulfilled either by a code review—which can be expensive—or by setting up a WAF. Adopting a WAF can be the quickest and most efficient way to comply with regulatory requirements.

3: Control bots and prevent DDoS attacks

Bots are taking over. A third way in which WAFs can help us is by controlling their access to our systems.

On the Internet, there are good bots and bad bots. The good ones are fundamental for keeping things working. The bad ones will try to scrape content from websites, send spam, steal information, install malware, abuse APIs, brute force passwords, or initiate a DDoS attack.

Bots can cause damage by amplifying the effect of exploits or by over-utilizing resources and causing unexpected costs.  WAF can block repeated access from bots with fine-grained rate limits and CAPTCHA rules.

4: Patch vulnerabilities

No code is perfect. Despite the best efforts to secure an application, there will always be some chance of vulnerabilities sneaking into production. When that happens, it can take some time until a solution is found and a patch is released.

The situation is even worse when a third party owns the code. Some vendors can take several days or weeks to release a patch. For instance, WordPress, the most popular CMS platform in the world (and the most hacked), releases security patches on a monthly schedule. Some of its plugins can have even more infrequent release schedules.

Unmaintained code is another problem altogether. When the source is no longer available, there is no way to patch it. In such cases where there is no suitable alternative, a WAF can be the only way of securing and locking down these systems.

5: Detect intrusions in real-time

Administrators and security teams have to keep track of traffic in real-time to detect attacks and act accordingly. On distributed systems, this is difficult because logs are scattered among many heterogeneous interfaces. Oftentimes intrusions are only detected hours or days after taking place.

A WAF acts as a central point of logging and metrics collection, with a particular focus on security. Administrators can monitor traffic, detect attacks in real-time, and take appropriate actions. WAF logs are also vital for diagnosing and assessing previous attack attempts.

azure waf
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Choudhury S
  • Website

Choudhury is the founder and chief editor of ZoomTutorials Blog, a leading tutorials and technology blogging site specializing in DevOps, SysAdmin and Cloud Technologies to help IT professionals in their day to day work. He is a Senior Cloud and DevOps Solutions Engineer at a leading eCommerce development Company and has more than 10+ years of Cloud, DevOps and SysAdmin experience working with Fortune 500 companies to solve their most important IT backbones. He lives in Hyderabad with his wife and a son.

Related Posts

Open Web Application Security (OWASP) Rules

April 9, 2020

How to implement multi-website on single Azure Application Gateway WAF

April 9, 2020

How to Create and Deploy Azure Firewall

March 28, 2020
0 0 votes
Article Rating
Subscribe
Notify of
guest
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments

Buy Me a Coffee Plz...

Get our latest tutorials
Recent Posts
  • How to Use the slmgr Command in Windows
  • How To Extend Windows Server Evaluation after Trial Period Expiry
  • List of Useful Magento 2 Commands
  • Magento 2 Commands and the Use Cases
  • MySQL and MariaDB Performance Tuning and Optimization
  • Microsoft Dynamics AX End of Support/Life
  • Magento Community read/write splitting with Database Proxy
  • Git Commands for developers and sysadmins
  • Install the git credential-oskeychain
  • Install Git on Windows, Linux and Mac
May 2022
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
3031  
« Aug    
Archives
Site Statistics
  • Visitors today : 6
  • Page views today : 6
  • Total visitors : 10,115
  • Total page view: 10,820
svg+xml;base64,PHN2ZyB2aWV3Qm94PScwIDAgMSAxJyB4bWxucz0naHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmcnPjwvc3ZnPg== - Azure Web Application Firewall (WAF) Use Cases
Facebook Twitter Instagram YouTube LinkedIn
  • Donation ❤️
  • About
  • Services
  • Contact Us
  • Privacy Policy
  • Terms of Use
Copyright © 2017- 2022 by Zoomtutorials.com. All Rights Reserved. Designed with ❤️ by CloudSols.com

Type above and press Enter to search. Press Esc to cancel.

wpDiscuz