
There’s No Reason Not to Enable WAF

This blog explains why you should enable a Web Application Firewall (WAF) and how to protect your apps and websites with it.

A firewall, at the simplest level, is a system (hardware, software, or both) that logically sits between one or more computers and their connection to the Internet. It improves security by letting you specify rules about which packets are allowed in or out, based on the source IP address, the destination IP address, the port number, or any combination of these.

Without a firewall, everyone in the world could reach your servers on every possible port (of which there are 65,535 per transport protocol). A firewall ensures, for example, that someone can access your website but can't use Remote Desktop to log into your web server, because port 80 (HTTP) is open and port 3389 (RDP) is not.

The Evolution of Security – The Conventional Firewall

There is hardly a business on the planet that doesn’t have a firewall nowadays. And for a while, the conventional firewall ruled the security roost and was the first – and often only – line of defense for most companies’ servers. To be fair, it worked pretty well. End users’ PCs were protected by antivirus software, and frequently by a firewall too. Before Windows included one as standard, software firewalls were available from third-party vendors, and many of the best-known examples were available for free.

Internet-facing servers, too, were placed behind firewalls to protect them from hackers, whose starting point was (and largely still is) to probe IP addresses on the Internet at random, scanning every port in search of a service that had inadvertently been exposed through the firewall.

But while simply blocking ports worked for a decade or so, it ultimately became insufficient. The Internet, and specifically the web, began to allow companies to operate online in ways that had never been done before. This required the rapid (sometimes too rapid) development of application software, running on servers, which were vulnerable to attacks more sophisticated than a hacker randomly scanning ports.

All software has bugs, as the saying goes. And web applications are no exception. With so many of us buying goods and services online nowadays, rather than merely reading information as we did in the early days of the web, the stakes have never been higher. Criminals are constantly trying to exploit those bugs using a variety of techniques based on common errors made by application programmers, or admins who don’t quite configure things as per the documentation.

The Evolution of Security – Web Application Firewall

To prevent such attacks, the Web Application Firewall was born. Companies that run in-house servers can buy and install one to help block thousands of attack variants, such as SQL injection, before they reach their systems. Organizations that use cloud-based servers, such as those on Alibaba Cloud, have an easier time, as they simply need to purchase the WAF service and enable it. It's just a few clicks in the account console, and a payment that starts at less than USD $300 a month. There's nothing to install, no new server to commission, and it's up and running in 15 minutes. Although it can be configured, tuned and tweaked for specific circumstances, it provides a large amount of protection straight out of the virtual box, with built-in rules covering the major OWASP threat categories and thousands of known attack signatures.

A WAF does more than scrutinize port numbers and IP addresses: it inspects the HTTP requests themselves. If, for example, a request parameter that will end up in a database query contains patterns characteristic of SQL injection, the WAF blocks the request before it reaches the application. The application never sees the attempt. The system administrators, of course, will find out as soon as they make time to review the logs and reports that the WAF keeps, and it is good practice to do so regularly, both to spot attack campaigns and to catch legitimate traffic that a rule is blocking by mistake.
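To make the request-inspection step concrete, the following is an added illustration written for this post; it is not Alibaba Cloud WAF code, and its four hand-written SQL injection signatures, the Request type and the sample traffic are all constructed for the example. It shows the two things a rule engine has to get right that the paragraph glosses over: the request must be decoded the way the backend would decode it (repeated URL-decoding, whitespace collapsing) before the signatures are applied, or a double-encoded payload slips through, and every attacker-controlled field (path, query, body, headers) must be inspected, not just the query string. Blocked requests are written to a log for the administrator to review.

```python
"""Toy layer-7 inspector in the style of a WAF rule engine.

Added example for this blog post; not Alibaba Cloud WAF code. The rules,
the Request type and the sample traffic below are constructed for illustration.
"""
from __future__ import annotations

import re
import urllib.parse
from dataclasses import dataclass, field

# Hand-written sample signatures: (rule name, pattern). A real rule set has
# thousands of these; the point here is how they are applied, not the list.
SQLI_RULES = [
    ("union-select", re.compile(r"(?i)\bunion\b(?:\s|/\*.*?\*/)+(?:all\s+)?select\b")),
    ("tautology", re.compile(r"(?i)['\"]\s*(?:or|and)\s+[\w'\"]+\s*=\s*[\w'\"]+")),
    ("time-based", re.compile(r"(?i)\b(?:sleep|benchmark|pg_sleep)\s*\(")),
    ("trailing-comment", re.compile(r"(?:--|/\*)\s*$")),
]


@dataclass
class Request:
    """Minimal HTTP request model (constructed for the example)."""
    method: str
    path: str
    query: str = ""
    body: str = ""
    headers: dict = field(default_factory=dict)


def normalize(value: str, max_rounds: int = 3) -> str:
    """Decode the way a backend would before the rules see the value.

    URL-decoding is repeated until the value stops changing, which defeats
    double encoding (%2527 -> %27 -> '). Runs of whitespace are collapsed so
    'UNION   SELECT' and 'UNION SELECT' look the same to the signatures.
    """
    cur = value
    for _ in range(max_rounds):
        decoded = urllib.parse.unquote_plus(cur)
        if decoded == cur:
            break
        cur = decoded
    return re.sub(r"\s+", " ", cur).strip()


def inspect_request(req: Request) -> list[str]:
    """Return the rule hits as 'field:rule' strings; an empty list means clean."""
    fields = {"path": req.path, "query": req.query, "body": req.body}
    fields.update({"header:" + k.lower(): v for k, v in req.headers.items()})
    hits = []
    for name, raw in fields.items():
        norm = normalize(raw)
        for rule, pattern in SQLI_RULES:
            if pattern.search(norm):
                hits.append(f"{name}:{rule}")
    return hits


BLOCK_LOG = []  # what the administrator reviews later


def waf_filter(req: Request, client_ip: str) -> int:
    """403 plus a log entry on any hit; otherwise the request would be forwarded
    unchanged to the origin, represented here by returning 200."""
    hits = inspect_request(req)
    if hits:
        BLOCK_LOG.append({"client": client_ip, "method": req.method,
                          "path": req.path, "rules": hits})
        return 403
    return 200


# Constructed sample traffic (not captured from a real site).
SAMPLES = [
    ("198.51.100.10", Request("GET", "/product", query="id=42")),
    ("198.51.100.11", Request("GET", "/product", query="id=42%27%20OR%201%3D1--")),
    ("198.51.100.12", Request("GET", "/product",
                              query="id=42%2527%2520UNION%2520SELECT%2520pass%2520FROM%2520users")),
    ("198.51.100.13", Request("GET", "/", headers={"User-Agent": "Mozilla/5.0' AND SLEEP(5)--"})),
    ("198.51.100.14", Request("POST", "/search", body="q=union+jack+select+committee")),
]


def run_samples() -> list[int]:
    """Run every sample through the filter and return the status codes in order."""
    BLOCK_LOG.clear()
    return [waf_filter(req, ip) for ip, req in SAMPLES]


if __name__ == "__main__":
    for status, (ip, req) in zip(run_samples(), SAMPLES):
        print(status, ip, req.method, req.path, req.query or req.body or req.headers)
    for entry in BLOCK_LOG:
        print("blocked:", entry)
```

The second sample is the classic tautology, the third is the same idea double-encoded (a single decoding pass would miss it), the fourth carries the payload in a header rather than the URL, and the last is benign text that happens to contain the words "union" and "select", which the rule correctly ignores because they are not adjacent. Signatures are a filter, not a guarantee: a payload that matches none of them still reaches the application, so parameterized queries in the application code remain mandatory and the WAF is the extra layer the post describes.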

If a hacker is attempting to bring down a website with a distributed denial-of-service (DDoS) attack, the WAF's network of servers absorbs and filters application-layer floods, and, integrated with Alibaba Cloud Anti-DDoS for volumetric network-layer attacks, ensures that the traffic never gets near enough to the target system to slow it down.

While conventional firewalls were all the rage in the 1990s, and indeed are still essential, they are no longer sufficient to protect the business which operates online, regardless of whether server-based software was purchased from a vendor or developed in-house. A web application firewall adds another layer of protection, and of peace of mind. If WAF is available from your cloud services provider with just a few clicks and a simple monthly fee, surely there’s no reason not to enable it.

Related Blogs

Alibaba Cloud Web Application Firewall Endorsed by Top Research Agencies

Alibaba Cloud establishes its presence in the global security market as its WAF product gains recognition by top research agencies, including Gartner and Frost & Sullivan.

Alibaba Cloud WAF has 14 data centers in 6 regions, including Australia, India, Indonesia, China, Malaysia and Singapore, and its support service is available in multiple languages, including Mandarin, Cantonese, English, Japanese and Korean. Alibaba Cloud WAF has built a multi-layer defense based on thousands of built-in security policies against web application attacks, a deep-learning detection engine, and customizable rules for specific customer scenarios. It can also be quickly deployed and integrated with Alibaba Cloud Anti-DDoS, Anti-Bot and CDN services, providing a web security solution that covers both the cloud side and the client side and protects customers' business and data against cyber-attacks.

Read this article to learn about benefits and application scenarios of Alibaba Cloud WAF.

Protect Your Apps and Websites with Web Application Firewall

Whereas a conventional firewall protects a server by blocking access to or from specified TCP/IP ports, or to/from specified IP addresses, a Web Application Firewall is designed to detect traffic that appears to be an attempt to gain unauthorized access to a web-based application, or to commit fraud.

It works by operating "upstream" of your protected site. To use it, you change the DNS records of your site (typically a CNAME) so that visitors resolve to the WAF rather than to your origin server. The WAF then inspects incoming HTTP requests, rejects offending ones, and forwards all permitted traffic to the origin. One caveat a DNS cutover does not cover by itself: the origin server still has its own address, so restrict it to accept connections only from the WAF's back-to-origin addresses; otherwise anyone who discovers the origin IP (from old DNS records, for instance) can bypass the WAF entirely.
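The origin-side half of that setup, as an added example written for this post rather than Alibaba Cloud code: the origin accepts a request only if the TCP peer is one of the WAF's back-to-origin addresses, and it trusts X-Forwarded-For only in that case, taking the right-most entry because that is the one the WAF itself appended (any earlier entries are whatever the visitor chose to send). The two address ranges are documentation placeholders, not Alibaba Cloud's real egress ranges; take the real list from your WAF console.

```python
"""Origin-side gate for a site that has been cut over to a WAF by DNS.

Added example for this blog post; not Alibaba Cloud code. WAF_BACK_TO_ORIGIN
holds placeholder documentation prefixes, not the provider's real ranges.
"""
from __future__ import annotations

import ipaddress
from typing import Optional

# Placeholder ranges for the example; replace with the list your WAF publishes.
WAF_BACK_TO_ORIGIN = [ipaddress.ip_network(c) for c in ("203.0.113.0/24", "198.51.100.0/24")]


def is_waf_peer(peer_ip: str) -> bool:
    """True if the TCP connection to the origin comes from a WAF node."""
    ip = ipaddress.ip_address(peer_ip)
    return any(ip in net for net in WAF_BACK_TO_ORIGIN)


def client_ip_from(peer_ip: str, headers: dict) -> Optional[str]:
    """Recover the visitor's address from X-Forwarded-For.

    The header is only meaningful when the direct peer is the WAF, and with a
    single trusted hop the only entry the WAF wrote is the right-most one;
    everything before it is visitor-supplied and may be forged.
    """
    if not is_waf_peer(peer_ip):
        return None
    xff = headers.get("X-Forwarded-For", "")
    parts = [p.strip() for p in xff.split(",") if p.strip()]
    if not parts:
        return None
    try:
        return str(ipaddress.ip_address(parts[-1]))
    except ValueError:
        return None  # garbage in the header: do not pass it to logs or rate limiters


def origin_gate(peer_ip: str, headers: dict) -> tuple[int, Optional[str]]:
    """Decide before the application runs: 403 for anything that did not arrive
    through the WAF, otherwise 200 plus the client address to log or rate-limit on."""
    if not is_waf_peer(peer_ip):
        return 403, None
    return 200, client_ip_from(peer_ip, headers)


# Constructed cases: a normal visitor via the WAF, a visitor who prepended a
# fake X-Forwarded-For entry, and a direct hit on the origin that spoofs the
# header to look as if it came from the WAF.
CASES = [
    ("203.0.113.9", {"X-Forwarded-For": "192.0.2.77"}),
    ("203.0.113.9", {"X-Forwarded-For": "10.0.0.1, 192.0.2.77"}),
    ("192.0.2.77", {"X-Forwarded-For": "203.0.113.9"}),
]


def run_cases() -> list[tuple[int, Optional[str]]]:
    return [origin_gate(peer, hdrs) for peer, hdrs in CASES]


if __name__ == "__main__":
    for (peer, hdrs), result in zip(CASES, run_cases()):
        print(peer, hdrs, "->", result)
```

The same allow-list belongs in the server's security group or host firewall as well, so that a direct connection is dropped before it ever reaches the web server; the application-level gate above is the belt to that braces, and it is also what makes the client address in your logs and rate limits trustworthy.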

In this tutorial we will use the WAF to protect an application which is hosted on an Alibaba Cloud server. Alibaba Cloud WAF can also be used to protect applications running on servers other than those provided by Alibaba Cloud – raise a support ticket on your account if you'd like further information about this.

Related Documentation

Website Access Tutorial

Web Application Firewall (WAF) protects your website after you add it to WAF. If you do not add your website to WAF, WAF does not protect it.

Web Application Firewall FAQ

This topic provides answers to some commonly asked questions about Web Application Firewall (WAF).

Related Course

Use Alibaba Cloud Anti-DDoS Service to Defend DoS Attack

The network is the only entry point for all cloud services. Network attacks, especially denial-of-service attacks, are the most diverse and harmful, and among the most difficult network risks to protect against. This course is designed to help students understand the principles of DoS attacks in a minimum amount of time, learn common protection methods and Alibaba Cloud Anti-DDoS protection solutions, and so minimize the risk of network-layer attacks and protect your cloud network security.

Alibaba Clouder
