The company announced WAF at ignite last year. In its announcement, Microsoft says that finding solutions to stop layer-7 app attacks is not easy. This usually includes needing patching and monitoring throughout tiers to prevent attacks. Web apps have become common targets for attackers, who can exploit vulnerabilities such as SQL injection and cross site scripting flaws. By implementing a web application firewall (WAF), Microsoft can protect against more web attacks. Importantly, the feature also gives customers a simplified way of managing security across their apps. This is achieved with no need to change applications. Yousef Khalidi, Microsoft corporate VP for Azure Networking explains the benefits of WAF: “A centralized Web application firewall (WAF) protects against Web attacks and simplifies security management without requiring any application changes.” “Application and compliance administrators get better assurance against threats and intrusions.”
WAF in Azure Application Gateway
By using WAF through Azure Application Gateway, the application delivery controller layer 7 network service also gets SSL policy control and end-to-end SSK encryption and logging: “Web Application Firewall integrated with Application Gateway’s core offerings further strengthens the security portfolio and posture of applications protecting them from many of the most common Web vulnerabilities, as identified by Open Web Application Security Project’s (OWASP) top 10 vulnerabilities,” Khalidi noted. The service is designed to block end-of-service attacks that target multiple web apps. Application Gateway supports up to 20 sites behind one gateway. There are large application gateways, costing $94 and $333 respectively.