According to Hosting Fact’s 2016 review of internet, e-commerce and hosting statistics, in 2016 the internet influenced sales to the tune of $2.1 trillion. With this in mind, it’s easy to see why modern enterprises keep coming up with more and more web-based services and applications. Each web application may differ from the others in its functionality and its value to the user; however, when dealing with business-critical online applications, sensitive customer information, and online payments, these web portals need a special layer of protection beyond the regular network firewall to keep them secure from a large variety of advanced cyber threats. This is where web application firewalls (WAFs) come in. Unlike network firewalls that protect servers, WAFs focus on the HTTP requests and responses flowing to and from web applications, checking them against a set of rules and blocking any that do not comply or are identified as malicious. These firewalls protect web applications, whether deployed in the cloud or on-premises, from cyber attacks such as SQL injection, cross-site scripting, spear-phishing, and denial-of-service attacks.
When deciding on which Enterprise WAF solution would be the best choice for your company, there are some fundamental considerations that should be on your mind. In this article, we’ll take a look at some of those and see how they could affect your decision.
Securing a website against cyber attacks like cross-site scripting and denial-of-service attacks is essential for the security of the data it sends and receives, and should be a top priority for businesses of any size that deal in sensitive data or online payments. There are several different types of WAF available in both appliance-based and software formats, and companies will need to think about how they intend to deploy and manage the solution once a decision has been made. But how would one go about this, and what factors should be considered?
Consider the Following…
1-What Are Your Objectives?
Before you begin to implement security software or hardware, you’ll need an up-to-date security policy that defines your objectives and sets out how you intend to secure your web application. Security standards like PCI DSS, for instance, require security policies to be reviewed or scoped annually, and website owners will need to ensure compliance in order to accurately define their objectives. Once this is done, you’ll have a better idea of what hardware or software would work best in your security architecture. When considering a new solution, contact the vendor and ask whether their firewalls cover content and applications such as HTML and HTTPS, and ask about their support policy towards customizing protocols to suit your requirements. The best solutions will usually be the ones that are tailored to your particular needs and are able to provide you with updates and customer support in a manner that works for you.
2-How Will It Integrate With Existing Infrastructure?
Another important factor to consider when deciding on the best enterprise WAF solution for your company is how well any potential solution would fit into your environment's existing security setup. Where is your WAF going to be located: in-line or out-of-line? In-line WAFs are placed directly in the path of traffic between a client and a server and check all incoming requests and responses before forwarding them on. In-line deployments usually come in one of three forms: reverse proxy, router mode or bridge mode. Out-of-line deployments place the WAF outside the traffic path, observing it from a monitoring port. Out-of-line deployments are usually used to test web application firewalls before implementing them, and are done this way so as not to impact traffic. However, out-of-line WAFs are still able to block malicious traffic. Website owners will need to see which deployment model best suits their security and compliance requirements.
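To make the rule-checking and deployment-mode discussion concrete, here is an added illustration (not code from the article or any WAF vendor) of the core loop a WAF performs: decode each HTTP request, match it against a small set of signatures, and either block it (modelling an in-line deployment) or only record the match (modelling the "evaluate before enforcing" use of an out-of-line monitoring port). The rule names, patterns and sample requests are all constructed for this example and are far simpler than a production rule set.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import unquote_plus

# Constructed rule set for illustration: rule name -> pattern applied to the
# decoded request target and body. Real WAF rule sets are far larger.
RULES = {
    "sqli-union-select": re.compile(r"\bunion\b.+\bselect\b", re.I),
    "sqli-tautology": re.compile(r"'\s*or\s*'?\w*'?\s*=\s*'?\w*", re.I),
    "xss-script-tag": re.compile(r"<\s*script\b", re.I),
}

@dataclass
class Request:
    method: str
    path: str          # request target including query string, as on the wire
    body: str = ""

@dataclass
class Decision:
    allowed: bool
    matched: list = field(default_factory=list)

def inspect(req: Request, mode: str = "block") -> Decision:
    """Check one request against RULES.

    mode="block" models an in-line deployment (reverse proxy, router or
    bridge mode) that stops a matching request before it reaches the server.
    mode="monitor" models evaluating the WAF without affecting traffic:
    matches are recorded, but the request is still allowed through."""
    if mode not in ("block", "monitor"):
        raise ValueError(f"unknown mode {mode!r}")
    # Normalise before matching so percent-encoded payloads are not missed.
    haystack = unquote_plus(req.path) + "\n" + unquote_plus(req.body)
    matched = [name for name, rx in RULES.items() if rx.search(haystack)]
    return Decision(allowed=not (mode == "block" and matched), matched=matched)

if __name__ == "__main__":
    # Constructed sample traffic: one benign request and two rule hits.
    samples = [
        Request("GET", "/products?id=42"),
        Request("GET", "/products?id=42%27+OR+%271%27%3D%271"),
        Request("POST", "/comment", body="text=%3Cscript%3Ealert(1)%3C%2Fscript%3E"),
    ]
    for req in samples:
        for mode in ("block", "monitor"):
            d = inspect(req, mode)
            print(f"{mode:8} {req.method} {req.path:45} allowed={d.allowed} matched={d.matched}")
```

Running it side by side shows the trade-off the article describes: the same rule hits appear in both modes, but only the in-line ("block") mode changes what reaches the application.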
3-How Reliable Is It?
As we’ve mentioned previously, WAFs protect a website’s data by checking HTTP requests against a set of rules, so high latency can be a big problem. Network-appliance-based WAF solutions are a good choice for an on-premises enterprise WAF deployment, since having the WAF appliance close to the application significantly reduces latency.
Cloud-based web application firewalls offer enterprises an OpEx option as well as other operational benefits such as scalability, easy deployment and a management interface. However, the key to a successful implementation of a cloud-hosted enterprise WAF is having your own staff manage and customize the WAF to your specific security needs, to avoid a negative impact on your services.
4-What Risks Are Covered?
In order to understand which enterprise WAF would best suit a company's website, a risk analysis should be undertaken to determine where the attack vectors may be and how best to allocate resources. Understanding which risks each enterprise WAF covers is essential to gauging its value in your security architecture. Some WAFs may focus on certain types of protocol abuse and lack other features that would be of great value in your setup, so it is always important to understand which solutions protect against which threats, as well as how well they can be customized to suit particular environments. Because attackers have increasingly been observed using multi-vector attacks, most web application firewalls come with additional features to protect against other types of attack, such as brute-force logins. Knowing where your security strengths and weaknesses lie, and understanding which solutions cover which threats, will greatly enhance your ability to build a capable security architecture.
As companies from across the globe continue to grow and expand their presence on the internet, the sheer number of websites, applications and data stores that need protecting will continue to increase along with them. It is therefore essential that enterprise WAF solutions continue to be developed in order to keep up with the ever-evolving threats we already face today and the as yet unknown threats we will surely come up against in the not-so-distant future.