The Evolution of Web Application Firewalls

January 11, 2015

4:00 pm

Technological advances related to computing and the Internet have affected every one of us. The Information Revolution that the Internet has made possible is affecting society just as dramatically as the Industrial and Agricultural Revolutions of the past, but there is an unpleasant side to progress.

Criminal use of the Internet, commonly called hacking, has accompanied every stage of information technology development. Attackers have gained unauthorized and unwanted access to information, sometimes with far-reaching consequences. Each innovation in attack technique has in turn driven the development of defenses, one class of which is the web application firewall (WAF).

An application firewall is a form of firewall which controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls which do not meet the configured policy of the firewall.

A Web Application Firewall does much more than the firewall on a consumer's computer. A consumer firewall is a packet filter: it allows or blocks traffic to and from particular ports and addresses, and has no view of what that traffic contains. Web-facing software such as the Apache web server, WordPress and Microsoft's web-based Office applications is reachable on exactly the ports a packet filter must leave open, so it needs an extra layer of protection against malicious users. A WAF provides that layer by analyzing all HTTP traffic passing through it and checking its conformity to pre-set rules.

A WAF meets the need to protect both internal and public web applications, whether hosted locally (on-premises) or remotely (cloud-hosted), against unauthorized access attempts. These attacks target the web application itself rather than the network around it.

According to industry statistics, cyber attacks are increasing by 30% a year, while successful breaches are increasing at twice that rate, 60% a year. In plain English, a growing share of attacks is getting through.

Basic security measures are essential and already make an urgent call on companies' financial resources, but on their own they are not enough. A company that runs a website should protect that website against intrusion with a WAF.

Protecting customers' data matters even more than keeping the website live. If there is a security breach, the publicity and loss of trust that follow do lasting damage that is hard to quantify.

So how have application firewalls been evolving?

Web application firewalls have been evolving rapidly and becoming more sophisticated with the objective of protecting websites and customer data from increasingly sophisticated attacks and unauthorized access.

Hackers’ methods have become more devious, and WAF sophistication has increased correspondingly as part of the information security industry’s fight against data theft and malicious hacking.

The more evolved WAF solutions can prevent a broad range of attacks and unwanted intrusions on a website. Modern web application firewalls ship with default rule sets tuned to keep false positives and missed attacks to a minimum, though no rule set achieves zero of either and some tuning to the protected application is still expected. Because a WAF inspects the HTTP traffic rather than the program behind it, it works without any knowledge of the application's source code.

A WAF has become crucial in detecting and preventing attacks that arrive over ordinary web requests and are indistinguishable, at the network layer, from access by a legitimate user.

Understanding interactions

Web Application Firewalls need to do much more than just look at the traffic: they need to parse every request and response passing through them, including headers, URL parameters, cookies and bodies, and evaluate the risk each one represents.

This risk evaluation ability enables a WAF to judge visitors by their reputation and behavior, not only by the single request in front of it. The old adage that prevention is better than cure still holds true and is very relevant here. Instead of blocking an attack only at the moment it occurs, a WAF should see it coming by understanding and tracking visitor behavior, for example a client that keeps probing for weaknesses. It should be proactive.
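The two ideas above, checking every decoded request field against pre-set rules and keeping per-visitor state so that behavior is tracked across requests, can be shown in a few dozen lines. The following is an added example written for this page; it is not code from the article or from any WAF vendor. The rule set, the severity scores, the block threshold of 5, the reputation ban score of 12 and the rate window of 100 requests per 60 seconds are all assumptions chosen for illustration, and the sample requests use documentation IP addresses.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field
from urllib.parse import parse_qs, unquote

# Constructed rule set for illustration only (not any vendor's rules and not from
# the article). Each rule: id, regex over one decoded request field, severity.
# Severities follow the anomaly-scoring idea: a single critical hit (5) blocks on
# its own, while lower-severity hits must add up before a request is blocked.
RULES = [
    ("sqli-union-select", re.compile(r"(?i)\bunion\b.{0,20}\bselect\b"), 5),
    ("sqli-quote-tautology", re.compile(r"(?i)'\s*or\s*'?\s*\d+\s*'?\s*=\s*'?\s*\d+"), 5),
    ("xss-script-tag", re.compile(r"(?i)<\s*script\b"), 5),
    ("path-traversal", re.compile(r"\.\./|\.\.\\"), 5),
    ("xss-event-handler", re.compile(r"(?i)\bon(load|error|click|mouseover)\s*="), 3),
    ("xss-html-tag", re.compile(r"(?i)<\s*(img|svg|iframe|object)\b"), 2),
]
BLOCK_THRESHOLD = 5  # assumed: request is blocked once its score reaches this


@dataclass
class Request:
    """A parsed HTTP request as the proxy sees it (constructed for the example)."""
    client_ip: str
    method: str
    path: str
    query: str = ""
    headers: dict = field(default_factory=dict)
    body: str = ""


def decoded_fields(req):
    """Yield (location, value) pairs with one level of URL decoding applied,
    so payloads sent as %27 or %3C are matched as ' and <."""
    yield "path", unquote(req.path)
    for source, raw in (("query", req.query), ("body", req.body)):
        for name, values in parse_qs(raw, keep_blank_values=True).items():
            for value in values:
                yield f"{source}:{name}", value
    for name in ("User-Agent", "Referer", "Cookie"):
        if name in req.headers:
            yield f"header:{name}", unquote(req.headers[name])


def inspect(req):
    """Run every rule over every decoded field; return the anomaly score and hits."""
    score, hits = 0, []
    for location, value in decoded_fields(req):
        for rule_id, pattern, severity in RULES:
            if pattern.search(value):
                score += severity
                hits.append((rule_id, location))
    return score, hits


class ClientReputation:
    """Per-client memory: request timestamps in a sliding window (rate) and the
    running sum of anomaly scores (reputation), so a client that keeps sending
    low-severity probes is cut off before any single request would be blocked."""

    def __init__(self, window_seconds=60, max_requests=100, ban_score=12):
        self.window_seconds = window_seconds
        self.max_requests = max_requests
        self.ban_score = ban_score
        self._timestamps = defaultdict(list)
        self._scores = defaultdict(int)

    def _recent(self, client_ip, now):
        cutoff = now - self.window_seconds
        self._timestamps[client_ip] = [t for t in self._timestamps[client_ip] if t >= cutoff]
        return len(self._timestamps[client_ip])

    def record(self, client_ip, score, now):
        self._timestamps[client_ip].append(now)
        self._scores[client_ip] += score

    def is_banned(self, client_ip, now):
        return (self._scores[client_ip] >= self.ban_score
                or self._recent(client_ip, now) > self.max_requests)


class Waf:
    """Decision logic a reverse-proxy WAF would run on each request before
    forwarding it to the origin server."""

    def __init__(self, reputation=None):
        self.reputation = reputation or ClientReputation()

    def decide(self, req, now):
        """Return ('allow', '') or ('block', reason) for one request at time `now`."""
        if self.reputation.is_banned(req.client_ip, now):
            return "block", "reputation"
        score, hits = inspect(req)
        self.reputation.record(req.client_ip, score, now)
        if score >= BLOCK_THRESHOLD:
            return "block", "rules:" + ",".join(f"{r}@{loc}" for r, loc in hits)
        if self.reputation.is_banned(req.client_ip, now):
            return "block", "reputation"
        return "allow", ""


if __name__ == "__main__":
    waf = Waf()
    probe = Request("203.0.113.7", "GET", "/item", query="id=1%27+OR+%271%27%3D%271")
    print(waf.decide(probe, now=0.0))
```

Two things the code makes visible that the prose does not. First, a client sending `onclick=` probes scores only 3 per request and is allowed each time, yet is blocked on the fourth request once its accumulated score reaches the ban threshold; that is the "see it coming" behavior. Second, a perfectly innocent search for "the union select committee" trips the union-select rule and is blocked: regex rule sets produce false positives, which is why default rules are a starting point rather than a finished configuration.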

More than In-Depth Inspection

Historically, web application firewalls have always performed an in-depth inspection of the requests reaching the protected sites. The modern evolution of web application firewalls goes further than in-depth inspection in that modern WAFs are deployed in-line as reverse proxies: the WAF terminates the client's connection, inspects the request, and only then opens its own connection to the protected application. Because every request passes through it, the proxy can also keep its own access logs, which can later be used to audit the protected site or to analyze traffic to the protected web applications.

Simplicity of use is vital, so the modern web application firewall has evolved to the point where it can be deployed out of the box with sensible defaults and tuned later. New-generation WAFs such as those from Incapsula learn continuously and are able to stop threats that have never been seen before by analyzing the structure of a request and finding similarities to previous attacks. They are updated frequently, and monitoring is available on some plans to ensure maximum protection for your site and your customers.

Modern firewalls have added features around transparent-proxy and bridge deployment modes, which let WAFs integrate easily with other network security technologies such as vulnerability scanners, other security applications, distributed denial of service (DDoS) mitigation, database security solutions and web fraud detection.

Another major noticeable evolution is that modern WAFs are commonly packaged with content caching, as well as web access management modules that provide single sign-on, especially for distributed web applications.

Concluding thoughts

There are rapid advances going on in the field of web application firewalls. Modern firewalls are designed to give strong protection against hacking, with detection and filtering of both known and unknown threats, while keeping false alerts to a minimum.

Are you aware of the level of protection that your web application firewall offers? Does it protect you against a DDoS attack? Does it protect your customers’ login and credit card details adequately?

Has your website ever been hacked? What protection did you have? Please share your experience using the comment box below.


Drew Hendricks is a professional business and startup blogger that writes for a variety of sites including The Huffington Post, Forbes and Technorati. Drew has worked at a variety of different startups as well as large advertising agencies.