Compare Application based, Network based or Cloud based WAF

What is Web Application Firewall (WAF) Security

A Web Application Firewall (WAF) inspects web traffic for suspicious activity; it can then automatically filter out illegitimate traffic based on rule sets that you ask it to apply. It looks at both GET- and POST-based HTTP requests and applies a rule set. It can block comment spam, cross-site scripting attacks and SQL injections.
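The rule-set inspection described above, as an added example (not code from this page or from any WAF product): a minimal Python inspector that applies a rule set to GET query strings and form-encoded POST bodies, decoding each value before matching. The rule ids, patterns and sample requests are constructed for illustration; production rule sets are far larger.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed, deliberately small rule set (ids and patterns are illustrative).
RULES = [
    ("XSS-001", re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.I)),
    ("SQLI-001", re.compile(r"'\s*(or|and)\s+\S+\s*=\s*\S+|\bunion\s+(all\s+)?select\b", re.I)),
    ("SPAM-001", re.compile(r"(?:https?://.*?){3}", re.I | re.S)),  # three or more links
]

def normalize(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is matched in its final form.
    The result is used for matching only, never passed on to the application."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect(method, url, body=""):
    """Return (action, rule_id, parameter) for one HTTP request."""
    params = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    if method.upper() == "POST":
        params += parse_qsl(body, keep_blank_values=True)  # form-encoded body
    for name, raw in params:
        value = normalize(raw)
        for rule_id, pattern in RULES:
            if pattern.search(value):
                return ("block", rule_id, name)
    return ("allow", None, None)

# Constructed sample requests: (method, url, body).
SAMPLES = [
    ("GET", "/search?q=red+shoes", ""),
    ("GET", "/search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E", ""),
    ("GET", "/search?q=%253Cscript%253Ealert(1)", ""),  # double-encoded
    ("POST", "/login", "user=admin%27+OR+%271%27%3D%271&pass=x"),
    ("POST", "/comment", "comment=buy+http%3A%2F%2Fa.example+http%3A%2F%2Fb.example+http%3A%2F%2Fc.example"),
]

if __name__ == "__main__":
    for method, url, body in SAMPLES:
        print(method, url, "->", inspect(method, url, body))
```

The double-encoded request is caught only because of `normalize`; matching the raw value would let it pass.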

Web application firewalls are a common security control used by enterprises to protect Web applications against zero-day exploits, impersonation, known vulnerabilities and attackers. Through customized inspections, a WAF is also able to prevent cross-site scripting (XSS) attacks, SQL injection attacks, session hijacking and buffer overflows, which traditional network firewalls and other intrusion detection systems may not be capable of doing. WAFs are especially useful to companies that provide products or services over the Internet. The 3 types of firewalls below are helpful to protect your organization’s data.

Application Based Firewall

An application firewall is a type of firewall that scans, monitors and controls network, Internet and local system access and operations to and from an application or service. This type of firewall makes it possible to control and manage the operations of an application or service that is external to the IT environment. An enhanced firewall limits access by applications to the operating system of a computer. Conventional firewalls merely control the flow of data to and from the central processing unit (CPU). An application firewall offers protection by controlling the execution of files or the handling of data by specific applications.

For best performance, the user must configure a conventional firewall. The person who is using the application must know which ports unwanted data is likely to enter or leave through. Some of the services performed by an application firewall include controlling the execution of applications, data handling, blocking malicious code from being executed and more. There are two types of application firewalls:

1. Network-Based Application Firewalls: Scan and monitor network-based traffic destined for the application layer or for any specific application.

2. Host-Based Application Firewalls: Monitor all the incoming and outgoing traffic initiated by an application or service on a local computer, system or host.

Network Based Firewall

Network firewalls, located at the boundary between the internal network and external networks such as the internet, typically provide a variety of services. Such products are either hardware-based, software-based, or a combination of both. Some also provide application proxy services, an example of which is Microsoft® Internet Security and Acceleration (ISA) Server.

Most of these types of network firewall products provide some or all of the following functionality:

Management and control of network traffic by performing stateful packet inspection, connection monitoring, and application-level filtering.

Stateful connection analysis by inspecting the state of all communications between hosts and storing connection data in state tables.

Virtual private network (VPN) gateway functionality by providing IPsec authentication and encryption together with Network Address Translation-Traversal (NAT-T), allowing permitted IPsec traffic to traverse the firewall with public to private IPv4 address translation.

Cloud Based Firewall

There are cloud firewalls and there are cloud firewalls. While the underlying technology may be the same, there really are two types of products and use cases: One aims to protect the organization’s network and users, while the other protects cloud infrastructure and servers. Let’s contemplate the differences.

Cloud based firewalls come in two delicious flavors: vanilla and strawberry. Both flavors are software that checks incoming and outgoing packets to filter against access policies and block malicious traffic. Yet they are also quite different. Think of them as two essential network security tools: Both are designed to protect you, your network, and your real and virtual assets, but in different contexts.

These firewalls are usually standalone products or services designed to protect an enterprise network and its users, like an on-premises firewall appliance, except that they are in the cloud.
