Fundamentals of Secure Software - WAF (Web Application Firewall)

To apply rules to HTTP conversations to protect against attacks

To enhance the speed of web applications

To provide a backup for web servers

To manage network traffic efficiently

Load balancing

Direct connection

Reverse proxy

Transparent bridge

It can automatically fix SQL injection vulnerabilities

It can operate independently of the application

It eliminates all network latency

It reduces the cost of web hosting

It can solve all security issues

It requires no maintenance

It may introduce latency concerns

It is always expensive to deploy

Hardware-based WAF

Cloud-based WAF

Host-based WAF

Network-based WAF