Describe what is Web Application Firewall


So far, we’ve looked at the traditional security concerns for the protection of your assets, resources, and data from external attack by using firewalls and network security groups. But there's another threat surface now being exploited by hackers: web applications.

Web applications are increasingly targeted by malicious attacks that exploit commonly known vulnerabilities, like SQL injection and cross-site scripting. Preventing such attacks in application code is challenging. It can require rigorous maintenance, patching, and monitoring.

Web Application Firewall (WAF) provides centralized protection of your web applications from common exploits and vulnerabilities. A centralized WAF helps make security management simpler, improves the response time to a security threat, and allows patching a known vulnerability in one place, instead of securing each web application. A WAF also gives application administrators better assurance of protection against threats and intrusions.

Diagram showing how the Web Application Firewall provides protection against common exploits.

Supported services

WAF can be deployed with Azure Application Gateway, Azure Front Door, and Azure Content Delivery Network (CDN) services from Microsoft. WAF has features that are customized for each specific service.

Use Azure WAF to achieve centralized protection for your web applications from common exploits and vulnerabilities.