Why deploy the Web application firewall? Reference

Source: Internet
Author: User
Keywords Web application firewall Web application security
Tags application application layer applications cross customer data data theft enterprise
Large Web applications are vulnerable to multiple attacks, such as SQL injection and Cross-site scripting exploits, which can result in downtime, inefficiencies, data theft, penalty fines, brand damage, service disruption, customer dissatisfaction, and so on. To protect Web applications, it is recommended that enterprises use Web application firewalls. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' border= ' 0 "alt=" Why do you want to deploy the Web application firewall? "src=" http:// S2.51cto.com/wyfs02/m01/53/da/wkiom1ryik_tmao5aagfxm32hls095.jpg "width=" 446 "height=" 265 "/>web application firewall runs in the application layer, and can dynamically learn and adapt to protection, can be integrated with other security technologies. The comparison and implementation recommendations for different scenarios are discussed below. Issues to consider the enterprise can deploy the application delivery Controller (ADC) component, cloud services, Web application firewall as a stand-alone device on the Web server, or deployed on its front-end, specifically for special Web applications for fine protection. Its capabilities include combining known attacks with secure patterns such as enhanced legal communications, defending against web attacks and reducing false intelligence (that is, specious intelligence). In general, Web applications are the target of attackers who think they are most deserving of a "strike" because they have enough vulnerabilities to be the easiest way to get into the business. Although a typical network firewall is located outside the network, intrusion Prevention systems (IPS) often do not understand the logic of the Web application protocol and therefore cannot fully discern whether the request is normal on the application layer, the seventh layer of OSI. Web application firewalls can defend against IPs attacks and can protect against a complete set of features to find web vulnerabilities and attacks, and detect malicious file uploads. In addition to hardening access control policies on layers fourth through seventh, to prevent attackers from accessing data without proper authorization, the Web application firewall should also provide inspection of outgoing data leaks (for example, illegal file downloads), filter sensitive information (e.g., credit card numbers), and other security standards (for example, PCI DSS ), which helps defend against DDoS attacks in the application layer. How much benefit the enterprise expects from the Web application firewall depends on a variety of factors, including how to configure, adjust, and maintain. Enterprises can not think of the correct configuration after the Web application firewall is all right, but the requirements of the enterprise according to the application needs and the network's own communication behavior constantly maintain and adjust. Web application firewalls provide the most granular Web application defenses after enabling the necessary policies and features. At this point, it's better than an intrusion prevention system. Web application firewall deployment can reduce the frequency of enterprise scan vulnerabilities. In addition, Web application firewalls can be integrated with vulnerability scanners, DDoS protection devices, and other technologies, and can implement virtual patches for vulnerable Web applications. 1 2 Next >> view full-text navigation page 1th: Issues to consider page 2nd: Why do you want to deploy the Web application firewall? (1) Return to the Network security home page

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.