Welcome to Bucaro TecHelp!

Bucaro TecHelp
HTTPS Encryption not required because no account numbers or
personal information is ever requested or accepted by this site

About Bucaro TecHelp About BTH User Agreement User Agreement Privacy Policy Privacy Site Map Site Map Contact Bucaro TecHelp Contact RSS News Feeds News Feeds

Difference Between Network Firewall and Web Application Firewall

A Network Firewall controls access to the resources of a local network using rules to control incoming and outgoing network traffic. It acts as a security barrier between a trusted network, such as the local network (LAN), and an untrusted network, such as the Internet. Only traffic allowed by the firewall rules is permitted onto the local network, all other traffic is denied. A firewall can be implemented in either hardware or software.

A Web Application Firewall (WAF) is a firewall that monitors and allows or blocks data packets as they travel to and from a Web application. A WAF inspects each packet at OSI Layer 7 and uses rules to filter out harmful traffic. A WAF protects web applications against zero-day exploits, impersonation, cross-site scripting (XSS), SQL injection, session hijacking, buffer overflows, and other known vulnerabilities.

WAFs are especially useful to companies that provide products or services over the Internet. A WAF can be either network-based, host-based, or cloud-based.

Network-based WAFs

Network-based WAFs can reduce latency because they are usually a hardware-based network appliance installed locally. They allow replication of rules and settings across multiple appliances, making large scale deployment and configuration easier.

Host-based WAFs

Host-based WAFs may be integrated into the application code itself. This reduces and simplifies the cost of implementation.

Cloud-based WAFs

Cloud-based WAFs are easy to deploy because they are provided by a third-party. With a Cloud-based WAF you pay a subscription fee and place responsibility for protecting an organization's web application with the third-party provider.

More Network Security Articles:
• Elementary Information Security
• Types of DoS (Denial of Service) Attacks
• Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
• What is a Botnet Attack and How to Identify It?
• Public Key Infrastructure
• Remote Access Authentication Protocols
• Network Security Across the Enterprise
• Overview of IPsec with IKEv1
• Nessus Network Vulnerability Scanner
• Methods to Combat Distributed Denial of Service (DDoS) Attacks
Menu - More
Network Security

RSS Feed RSS Feed

Follow Stephen Bucaro Follow @Stephen Bucaro


Computer Networking Sections

Fire HD
[Site User Agreement] [Privacy Policy] [Site map] [Search This Site] [Contact Form]
Copyright©2001-2024 Bucaro TecHelp 13771 N Fountain Hills Blvd Suite 114-248 Fountain Hills, AZ 85268