If you need a detailed description of what Azure WAF is and all its features, you can find everything inside the Microsoft documentation. In this post I would like to give a quick technical intro to Azure WAF, before going deeply into the steps for creating it via ARM. you can monitor the traffic using a set of specific logs and metrics, inside the Azure Gateway instance.
it secures the application without doing any change to the code.
it works with any kind of web application (ASP.NET, PHP, JSP, etc.). IMHO, the best things of this service are the following: The value of investments may go down as well as up.The Azure Web Application Firewall is one of the features of Azure Gateway and its main goal is to protect a web application to common exploits like SQL injections, cross-site scripting attacks and others, following the specifications of Open Web Application Security Project ( OWASP, specifically the version 3.0 of Core Rule Set). Check Point are not responsible for any service charges accrued by this deployment. Note this is not official Check Point documentation or advice, deploy this solution at your own risk. It's very much a first draft, so there will be mistakes and also outdated information, please provide any feedback below. I wrote a lab guide to deploying this solution, as with most cloud topics, it will age very quickly, but hopefully give you a good starting point if you have a project that has strict requirements on having a WAF service at the Azure perimeter. As our reference architecture in Azure uses a load balancer and one or more gateways, this seemed the obvious choice for the deployment. In short, the Application Gateway is basically a "load balancer on steroids" and provides much the same functionality as a standard SKU Azure Load Balancer, but with the added benefit of WAF capabilities. 
As all the requests came from customers using Microsoft Azure, I decided to look into the Application Gateway. I've been asked several times about if CloudGuard is a WAF product (that's another discussion!) and how best can a dedicated WAF service be placed in front of CloudGuard IaaS gateways.
0 kommentar(er)
