What purpose does a Web Application Firewall (WAF) serve?
03/26/2020 25 12005
DESCRIPTION: The SonicWall Web Application Firewall (WAF) Service leverages your existing infrastructure as a licensable add-on module to the SonicWall Secure Remote Access (SRA) platform to provide you protection for web applications that is easy to deploy and manage.
PCI DSS version 1.1 Requirement 6.6 states the following:
"Ensure that web-facing applications are protected against known attacks by applying either of the following methods:
a) Having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security. b) Installing an application layer firewall in front of web facing applications."
Most of the vulnerabilities arise from insecure programming or weak architectural design practices followed by an engineering organization. However, it is also not cost-effective for organizations to train their staff regularly on information security. New vulnerabilities are discovered on a daily basis, which necessitates regular training and fresh code reviews. WAF, on the other hand, can be up-to-date with signatures as and when a new vulnerability is discovered giving a 24 x 7 protection for the suite of Web applications it protects.
As soon as a vulnerability is found within an application by either using a Vulnerability Assessment tool or by reviewing the programming logic, it takes days or weeks before the patch gets deployed in production. During this time, a WAF can serve as a quick fix for the discovered vulnerability by a process called Virtual Patching reducing the down time needed before the patch is deployed. Virtual Patching is particularly useful if the discovered flaw exists in more than just one Web application.