What’s a WAF and why do I need one?

Acronyms can be brilliant but in an industry full of them we really don’t need another one. At least this one is easy to say!

What’s in a name? Quite a lot in this instance – it tells us what it is: Web Application Firewall and it’s a bit of a mouthful – say it out loud and maybe the acronym does have its place. But what does it do and why do you need it?

The short version: A Web Application Firewall will make your online environments much safer. And yes, you need one.

A WAF is a layer of defence which filters out unwanted requested based on predetermined criteria. Go back 20 years and much of the internet wasn’t protected behind firewalls. Would you like to switch off your firewall today? Jump forward just 5 years and the idea of not having a WAF will be similarly uncomfortable.

Firewalls filter traffic based on IP addresses and protocols/ports. WAFs inspect the content of the traffic and filter unwanted requests based on a ruleset. Running IBM (HCL) Domino? Blocking all SQL requests will prevent a lot of unwanted traffic. Running a simple Umbraco solution? List all your sql queries as permitted and deny everything else to avoid all those pesky sql_injection attacks.

WAFs can operate effectively both within and outside a firewall.

A bonus of filtering the vast majority of nefarious traffic is that your server/s get less traffic. Which means less load, lower hosting bills and better performance. So you’re online presence has improved cyber security and better performance. There’s so much to gain!

Clearly a WAF is worth having but how do you implement it and how much does it cost?

There are a number of options depending on your hosting solutions but we do have a favourite here: Cloudflare. Full disclosure, we’re not affiliated or in any form of partnership with them; they just have the most balanced solution. Incapsula have a similar solution. If you’re on AWS you can use their Cloudfront service. Both are fine but Cloudflare stands out for it’s overall price and ease of use. Cloudflare provide DDoS protection for free and their WAF service is available for as little as $20/month which is amazing value.

Interested in finding out more or want to talk over the options? Contact us – we’re always happy to talk!