Web application firewalls (WAFs) are network or cloud-based products designed to filter, monitor, and block HTTP conversation from web applications and protect against HTTP, or web-based, attacks. WAFs employ a wide range of functions to work in conjunction with other data center solutions such as data center firewalls (DCFWs) and data center intrusion prevention systems (DCIPS) to provide protection specifically for web applications.
Using the web server's private key, WAFs can block attacks that were masked by HTTPs encryption. They also detect policy violations and reset offending connections. SSL sessions are either passively decrypted and inspected, or terminated and re-encrypted. WAFs should be able to identify and police the use of specific web application elements and functions such as web objects, form fields, and, most importantly, application session logic.