A web application firewall (WAF) is an essential service for any business-critical workload hosted on the Internet. As part of our layered approach to security, Carbon60 strongly favors global WAF services that work on the edge of the cloud, stopping bad traffic even before it is forwarded to your hosting origin(s).
Foremost, the purpose of a WAF service is to protect your web site or application by filtering out malicious requests. It does this by examining HTTP(S) request headers and body contents and applying a rich collection of application-layer firewall rules for different categories such as:
- Protocol Violations
- HTTP Policy Violations
- Malicious Robots
- Generic and Command Injection Attacks
- Trojan Backdoors and Outbound Content Leakage
- IP Whitelisting and Blacklisting

Summary and trend reporting on attacks is available online, or logs can be sent directly to a log management system for analysis.
Web Application Firewalls provide the most effective Denial of Service (DoS) protection available. A WAF allows rate limiting policies to be applied to HTTP and HTTPS requests. Its rate control policies can dynamically alert on and/or block clients exhibiting excessive request rates. These policies can be applied to incoming requests, to requests forwarded to your hosting origin(s), or even to responses from your origin(s). A WAF can respond to bursts of requests within seconds.

Rate controls further protect customers by mitigating Slow POST DDoS attacks: POST requests are not sent to the origin until the POST body has completed at the edge, and POST bodies that take too long to complete are terminated.
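To make the alert/block rate control described above concrete, here is an added example (not Carbon60's or any vendor's code) that replays constructed access-log lines through a per-client sliding-window counter. The log lines, the 10-second window and the alert/block thresholds of 5 and 10 requests are all assumed values chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log lines (not from any real system): one well-behaved
# client and one client sending 12 POSTs to /login within three seconds.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512',
    '203.0.113.10 - - [10/Oct/2023:13:55:41 +0000] "GET /about.html HTTP/1.1" 200 874',
] + [
    f'198.51.100.7 - - [10/Oct/2023:13:55:{40 + i // 4:02d} +0000] "POST /login HTTP/1.1" 401 0'
    for i in range(12)
]

# Common log format prefix: client IP, identity, user, [timestamp], "METHOD PATH ..."
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)')


class RateController:
    """Sliding-window rate control per client IP: 'alert' once a client exceeds
    the lower threshold within the window, 'block' once it exceeds the higher one."""

    def __init__(self, window_seconds, alert_threshold, block_threshold):
        self.window = window_seconds
        self.alert_at = alert_threshold
        self.block_at = block_threshold
        self.history = defaultdict(deque)  # ip -> timestamps seen in the window

    def observe(self, client_ip, epoch_seconds):
        """Record one request (assumed in time order per client) and decide on it."""
        q = self.history[client_ip]
        q.append(epoch_seconds)
        while q and epoch_seconds - q[0] > self.window:  # expire old requests
            q.popleft()
        if len(q) >= self.block_at:
            return "block"
        if len(q) >= self.alert_at:
            return "alert"
        return "allow"


def evaluate_log(lines, window_seconds=10, alert_threshold=5, block_threshold=10):
    """Replay log lines through the controller; return the decision list per client."""
    ctl = RateController(window_seconds, alert_threshold, block_threshold)
    decisions = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing the whole replay
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        decisions[m["ip"]].append(ctl.observe(m["ip"], ts))
    return dict(decisions)
```

With the assumed thresholds the bursting client is allowed for its first four requests, alerted on for the next five and blocked from the tenth onward, while the normal client is never flagged.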