WAF - Web Application Firewall

A WAF (web application firewall) is a filter that protects against HTTP application attacks. It inspects HTTP traffic before it reaches your application and protects your server by filtering out threats that could damage your site functionality or compromise data.

As companies and users increasingly rely on web applications, such as web-based email or e-commerce functionality, application-layer attacks pose a greater risk to productivity and security. Therefore, a WAF is crucial to protect against rapidly emerging web security threats.

A WAF protects against malicious attacks, such as:

  • SQL injection – a hacking technique used to extract sensitive information from a database.
  • Malicious file execution – a harmful technique which allows a person to execute code remotely after a user accepts a malicious file.
  • Cross-site scripting – when malicious script is injected into the code of an otherwise trusted website, allowing potentially sensitive user data such as cookies to be accessed.

These threats can penetrate and cripple a website, diminishing performance and exposing your enterprise to data breaches. They target multiple types of functionality within your site, attacking the site itself or forwarding logic to a database where the information stored inside it can be compromised.

How does a WAF work?

A web application firewall is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic - inspecting both GET and POST requests - detecting and blocking anything malicious.

Unlike a regular firewall, which only serves as a safety gate between servers, a WAF is an application security measure that is located between a web client and a web server.

The most frequent malicious attacks are usually automated. These threats are difficult to detect because they are often designed to mimic human traffic.

A WAF performs a deep inspection of every request and response for all common forms of web traffic. This inspection helps the WAF to identify and block threats, preventing them from reaching the server.
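The request-inspection step described above, as an added Python sketch that is not Akamai's code and not taken from the original page. The two-rule signature set, the function names and the `shop.example` URLs are assumptions made for illustration, and POST bodies are assumed to be form-encoded.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Deliberately small signature set, constructed for this example; managed
# rule sets are far larger and usually score matches rather than block on one.
RULES = {
    "sqli": re.compile(r"(?i)(\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+|'\s*(--|#))"),
    "xss": re.compile(r"(?i)(<\s*script\b|javascript:|<[^>]+\bon\w+\s*=)"),
}

def normalize(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is inspected in the clear."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_request(method, url, body=""):
    """Return (location, parameter, rule) findings for one GET or POST request."""
    query = urlsplit(url).query
    fields = [("query", k, v) for k, v in parse_qsl(query, keep_blank_values=True)]
    if method.upper() == "POST":
        # Assumption: body is application/x-www-form-urlencoded.
        fields += [("body", k, v) for k, v in parse_qsl(body, keep_blank_values=True)]
    findings = []
    for location, name, value in fields:
        clear = normalize(value)
        for rule, pattern in RULES.items():
            if pattern.search(clear):
                findings.append((location, name, rule))
    return findings

def decide(method, url, body=""):
    """Answer 403 when any rule fires; otherwise let the request reach the origin (200)."""
    return 403 if inspect_request(method, url, body) else 200

if __name__ == "__main__":
    # Constructed sample requests.
    print(decide("GET", "https://shop.example/items?id=42&sort=price"))
    print(inspect_request("GET", "https://shop.example/items?id=1%20OR%201%3D1"))
    print(inspect_request("POST", "https://shop.example/comment",
                          "text=%253Cscript%253Ealert(1)%253C%252Fscript%253E"))
```

The last sample is double percent-encoded: without the `normalize` step the value would reach the rules still encoded and pass unflagged.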

Introducing KONA - Akamai’s Cloud Web Application Firewall

Akamai’s Kona Web Application Firewall is a cloud platform that effectively protects against these threats. It provides an always-on and highly scalable application firewall that defends against emerging attacks to web security while keeping application performance high.

As an embedded process within the Akamai Intelligent Platform™, Kona Web Application Firewall inspects every HTTP and HTTPS request before serving it, identifying and stopping web security threats before they ever reach the data center. Akamai’s Threat Intelligence Team continuously refines firewall rules to block known attacks and respond to new threats as they emerge. Adaptive rate controls automatically protect against application-layer denial of service attacks, while network-layer controls define and enforce IP whitelists and blacklists to protect your website by restricting requests from specific IP addresses.

Kona WAF is deployed at the edge of the network rather than the center. This means that it can identify and mitigate suspicious traffic without affecting performance or availability of the origin server.

What are the Benefits of a Cloud WAF?

Using a cloud WAF provides a scalable platform that can be accessed globally, helping to protect against multiple threats for large web applications around the world.

A cloud web app firewall like KONA WAF enables users to:

  • Reduce the risk of downtime, data theft and security breaches with a WAF that can scale to protect against the largest DoS and DDoS attacks.
  • Ensure high performance even during attacks thanks to Akamai’s global architecture.
  • Defend against new and emerging threats with help from Akamai’s Threat Intelligence Team.
  • Minimize costs of cloud security by avoiding the need for expensive dedicated hardware.

What is a Managed Firewall?

A WAF can be managed or non-managed. For managed firewalls, dedicated security services help to ascertain which traffic is potentially threatening and prevent it from ever reaching your server. The KONA WAF offers both managed and non-managed options, the latter of which is most suitable for professionals with an advanced knowledge of internet security.

Key Capabilities of Kona WAF

Kona WAF provides comprehensive capabilities to protect against application-layer attacks.

  • Adaptive rate controls automatically protect against application-layer DDoS and other volumetric attacks by monitoring and controlling the rate of requests against applications.
  • Application-layer controls offer pre-defined, configurable WAF rules that govern Request Limit Violations, Protocol Violations, HTTP Policy Violations and more.
  • Network-layer controls automatically deflect network-layer DDoS attacks at the network edge and define and enforce IP whitelists and blacklists to restrict requests from certain IP addresses or geographical regions.
  • Security monitor provides real-time visibility into security events and enables administrators to drill down into attack alerts.
  • Logging features enable you to integrate WAF and event logs with security information and event management (SIEM) systems to increase your awareness of your threat posture.
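How IP whitelists and blacklists combine with a request-rate control, as an added Python sketch that is not Akamai's code and not from the original page. It uses a fixed-threshold sliding window, which is simpler than the adaptive controls described above; the class name, the thresholds and the documentation-range addresses are assumptions.

```python
import ipaddress
from collections import defaultdict, deque

class EdgePolicy:
    """Allow list first, then deny list, then a per-client sliding-window limit."""

    def __init__(self, allow, deny, limit, window):
        self.allow = [ipaddress.ip_network(n) for n in allow]
        self.deny = [ipaddress.ip_network(n) for n in deny]
        self.limit = limit            # maximum requests per client per window
        self.window = window          # window length in seconds
        self.hits = defaultdict(deque)

    def check(self, client_ip, now):
        ip = ipaddress.ip_address(client_ip)
        if any(ip in net for net in self.allow):
            return "allow"            # allow-listed clients bypass the rate control
        if any(ip in net for net in self.deny):
            return "deny"
        recent = self.hits[client_ip]
        # Forget requests that have aged out of the window.
        while recent and now - recent[0] >= self.window:
            recent.popleft()
        if len(recent) >= self.limit:
            return "rate-limited"     # rejected requests are not counted again
        recent.append(now)
        return "allow"

def replay(policy, events):
    """Apply the policy to (timestamp, client_ip) pairs and return each decision."""
    return [policy.check(ip, ts) for ts, ip in events]

if __name__ == "__main__":
    policy = EdgePolicy(allow=["203.0.113.0/28"], deny=["198.51.100.0/24"],
                        limit=3, window=10)
    # Constructed request log: (seconds, client address).
    events = [(0, "192.0.2.10"), (1, "192.0.2.10"), (2, "192.0.2.10"),
              (3, "192.0.2.10"), (4, "198.51.100.7"), (5, "203.0.113.5"),
              (10.5, "192.0.2.10")]
    for event, decision in zip(events, replay(policy, events)):
        print(event, decision)
```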
