A WAF (web application firewall) is a filter that protects against HTTP application attacks. It inspects HTTP traffic before it reaches your application and protects your server by filtering out threats that could damage your site functionality or compromise data.
As companies and users increasingly rely on web applications, such as web-based email or e-commerce functionality, application-layer attacks pose a greater risk to productivity and security. Therefore, a WAF is crucial to protect against rapidly emerging web security threats.
A WAF protects against malicious attacks, such as:
These threats can penetrate and cripple a website, diminishing performance and exposing your enterprise to data breaches. They target multiple types of functionality within your site, attacking the site itself or forwarding logic to a database where the information stored inside it can be compromised.
A web application firewall is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - inspecting both GET and POST requests - detecting and blocking anything malicious.
Unlike a regular firewall, which only serves as a safety gate between servers, a WAF is an application security measure that is located between a web client and a web server.
The most frequent malicious attacks are usually automated. These types of threats are difficult to detect because they are often designed to mimic human traffic and go undetected.
A WAF performs a deep inspection of every request and response for all common forms of web traffic. This inspection helps the WAF to identify and block threats, preventing them from reaching the server.
Akamai’s Kona Web Application Firewall is a cloud platform that effectively protects againstthese threats. It provides an always-on and highly scalable application firewall that defends against emerging attacks to web security while keeping application performance high.
As an embedded process within the Akamai Intelligent Platform™, Kona Web Application Firewall inspects every HTTP and HTTPS request before serving it, identifying and stopping web security threats before they ever reach the data center. Akamai’s Threat Intelligence Team continuously refines firewall rules to block known attacks and respond to new threats as they emerge. Adaptive rate controls automatically protect against application-layer denial of service attacks, while network-layer controls define and enforce IP whitelists and blacklists to protect your website by restricting requests from specific IP addresses.
Kona WAF is deployed at the edge of the network rather than the center. This means that it can identify and mitigate suspicious traffic without affecting performance or availability of the origin server.
Using a cloud WAF provides a scalable platform that can be accessed globally, helping to protect against multiple threats for large web applications around the world.
A cloud web app firewall like KONA WAF enables users to:
A WAF can be managed or non-managed. For managed firewalls, dedicated security services help to ascertain which traffic is potentially threatening and prevent it from ever reaching your server. The KONA WAF offers both managed and non-managed options, the latter of which is most suitable for professionals with an advanced knowledge of internet security.
Kona WAF provides comprehensive capabilities to protect against application-layer attacks.