Azure Web Application Firewall (WAF) provides centralized protection on the Azure Application gateway. The attackers who try to get into the web servers and tries to disrupt the services are protected via WAF. The attacks and vulnerabilities include SQL Injection, cross-site scripting, etc. The interesting part is, WAF automatically updates to include protection against any new vulnerabilities with no configuration needed at all.
While WAF is for Application security, you need a security and protection layer that is for the Network, which is taken care of by Azure Firewall — it is a cloud-based network security service that protects your organization’s Azure Virtual Network Resources. It is fully stateful in the sense that inbound requests trace outbound responses. Across your organization’s subscription and virtual networks, you can enforce, create and log application and network connectivity policies. It uses Static IP for your virtual network sources allowing outside firewalls to identify traffic from the virtual network and is fully integrated for Azure monitor for logging and analytics.
#azure-interview #azure-security #azure series #azure #network #protection