Microsoft has announced the general availability of its Azure Web Application Firewall, a big step in protecting web apps hosted on its cloud computing platform.
Web applications are a well-known target for malicious attacks. Common forms of attack include SQL injection, cross-site scripting (XSS), denial of service (DoS) and cross-site request forgery (CSRF).
Protection against exploits requires code reviews, bug bounty programs and code scanners implemented throughout the application lifecycle. Code reviews can help spot vulnerable code early in the development phase, dynamic and static code scanners can do automatic checks for vulnerabilities, and bug bounty programs enable professional pen testers to find bugs in the website.
However, an application may still be hit by a cyber-attack. It is useful, then, to have a centralized web application firewall (WAF) that protects against web attacks and simplifies security management without requiring any application changes.
Azure Web Application Firewall
Azure Web Application Firewall (WAF), a part of Azure Application Gateway, is Microsoft’s solution to deflect cyber-attacks aimed at apps hosted on its platform.
Azure Application Gateway is a cloud-based HTTP (Hypertext Transfer Protocol) load-balancing and SSL (Secure Sockets Layer) offloading system that enables businesses to build and deliver scalable and secure web applications.
The WAF is now generally available in all public Azure data center regions. Its main upside is that it protects applications from web vulnerabilities and attacks without modifying backend code. The firewall provides protection for up to 20 websites per gateway.
- WAF provides protection against SQL injection attacks. SQL injection occurs when malicious SQL statements are inserted into form fields to try to gather information from a database. This information enables the hacker to access, modify or destroy information in the database.
- WAF also blocks XSS attempts and defends against other common attack methods such as remote file inclusion, command injection, HTTP request smuggling and HTTP response splitting.
- It can avert attacks that depend on HTTP protocol anomalies and violations, along with misconfigured Apache and Internet Information Services (IIS) deployments, among other servers and applications involved in delivering a web application.
Apart from these, it also blocks bots, crawlers, and scanners, and helps customers stand up to debilitating HTTP denial-of-service attacks.
Why Opt For Azure Web Application Firewall
Azure WAF retains all standard Application Gateway features in addition to Web Application Firewall. This means that an existing Application Gateway can simply be upgraded to WAF. It also promises easy configuration, deployment and management via the Azure Portal and REST APIs.
The added benefit lies in its monitoring feature. Yousef Khalidi, corporate vice president of Azure Networking at Microsoft, says:
Azure Web Application Firewall logs can also be used with Operations Management Suite, Microsoft’s cloud-based IT management product, for advanced analytics. An integration with Azure Security Center is in the works, enabling unified security management, added Khalidi.
The WAF also allows various customisations, such as the choice of running in detection or prevention mode. Detection mode primarily scouts for possible threats; once one is found, it turns to prevention mode to defend the system. The WAF also provides the ability to customize rules and rule groups to suit application requirements and eliminate false positives.