General 3 min read - 29 August 2018

Web Application Firewalls: get to know what they are!


Having a website and your business present on the internet is no longer a differentiator; it is practically a matter of survival for most companies today. To give an idea, in 2017 Brazilian e-commerce grew by 12%, and in 2018 the increase is projected to be 15%.

However, this growth generates more data flow and information exchange and, of course, this is a great opportunity for cybercriminals. A few years ago, for example, the American company Hold Security discovered the theft of more than 1 billion logins and passwords from various web applications around the world. The hackers were reportedly Russian and are said to have exploited vulnerabilities on more than 400,000 websites around the world through SQL Injection techniques.

To prevent such situations from happening, companies need to invest in robust solutions for the security of their data. One of the most practical and efficient ways to prevent theft of information and attacks on websites and web applications is through Web Application Firewalls (WAF).

What are Web Application Firewalls?

The WAF has a different goal than conventional firewalls, which bring security to the perimeter of the corporate network. Web Application Firewalls create a barrier between a web service and the rest of the internet. It is a wall that prevents any malicious users from accessing your website or application in an unauthorized way.

A Web Application Firewall protects your application by blocking malicious actions such as manipulation of displayed content, improper injection of commands into a standard SQL database (known as “SQL Injection”), some types of administrative access fraud, and many other cyber attacks.

WAF has the ability to automatically monitor, filter and block potentially malicious data traffic through default settings and rules that can easily prevent the most common attacks. This way your company avoids problems with information theft, applications offline due to DDoS attacks, as well as reducing expenses with infrastructure and operational resources.
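
How rule-based filtering of this kind works, as an added example that is not part of the original post or of any vendor's product: a minimal application-level filter showing why input is decoded before matching and how monitor-only mode differs from blocking. The rule ids, patterns, function names and sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed, deliberately small rule set (ids and patterns are illustrative;
# production rule sets are far larger and tuned per application).
RULES = [
    ("sqli-union",     re.compile(r"\bunion\b.{0,40}\bselect\b")),
    ("sqli-tautology", re.compile(r"'\s*or\s+'?\d+'?\s*=\s*'?\d+")),
]

def normalize(value: str) -> str:
    """Undo URL encoding (bounded number of passes) and lowercase before matching."""
    for _ in range(3):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value.lower()

def inspect(params: dict, mode: str = "block") -> dict:
    """Return a verdict for one request's parameters.

    mode="monitor" only records matches; mode="block" also rejects the request.
    """
    hits = [(name, rule_id)
            for name, raw in params.items()
            for rule_id, pattern in RULES
            if pattern.search(normalize(raw))]
    action = "block" if hits and mode == "block" else "allow"
    return {"action": action, "matches": hits}

# Constructed sample requests (parameter name -> raw value as received).
SAMPLES = [
    {"q": "red shoes", "page": "2"},                # ordinary search
    {"user": "admin' OR '1'='1"},                   # classic SQL injection probe
    {"id": "1%2520UNION%2520SELECT%2520login"},     # same idea, double URL-encoded
]

if __name__ == "__main__":
    for request in SAMPLES:
        print(inspect(request), "<-", request)
```

Without the `normalize` step the third request would pass untouched, which is why a WAF has to see the request the way the application will eventually interpret it.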

The most common types of WAF

Today, 3 Web Application Firewall options are available for use with your web applications. Each has its advantages and peculiarities; it is up to you, as a manager or IT professional, to evaluate which one best fits your needs.

Network-based WAF

Also known as in-line WAF, it is deployed in the company’s network, traditionally within the DMZ. It is a hardware-based model that, because it is physically in the corporate network, reduces latency, making the return and processing of requests faster.

Most vendors allow replication of rules and configurations across multiple applications, making deployment and configuration possible on a large scale and with less effort.

One downside to this type of Web Application Firewall is the high cost of maintaining the infrastructure needed to implement this type of technology, including highly skilled IT staff, redundant high-quality internet links, and other items to ensure the availability of the environment.

Host-based WAF

Also called endpoint firewalls, host-based WAFs are deployed directly on the hosting server and can be fully integrated into the application code itself. This deployment can be done at different levels: in the operating system (e.g. IDS / IPS), in the web server (e.g. Apache) and in the application (e.g. WordPress, Drupal).

This is a solution that allows low-cost customization, but requires local libraries, application-compatible environments, and relies on the features offered by servers to function effectively.

Cloud-based WAF

Cloud-based Web Application Firewall offers a low-cost enterprise solution as it does not require local infrastructure or effort from the company’s IT professionals to perform operation and maintenance.

Because they are implemented outside the web application’s hosting environment, they do not have installation requirements and can be configured via DNS or BGP, serving any platform.

What is the best option for your company?

There is no definitive answer to this question; it depends on the size of your business and the level of security investment you want to make, among other factors.

If you like to keep full control of your operations and prefer to be actively involved with WAF configuration, tuning and maintenance, a network-based WAF may be the best solution.

Cloud-based Web Application Firewalls are the opposite. They are extremely easy to configure and deploy and require little supervision and control from the site or application owner, but they do not allow for extensive customization or complete control of information and data.

Now that you know a little about each type of WAF, it’s up to you to assess which of the models most closely matches your business needs, taking into account functional and financial aspects.

Has this content made sense to you? If so, how about sharing it with other people in your network?
