Chapter 3. Evolution of Firewall and Web Application Firewall Technology

So far, we’ve spent quite a bit of time discussing modern security challenges and threats. At this point in the book, we are going to shift our focus to solutions. Before we dive into the finer points of designing modern solutions using Web Application Firewall (WAF) and adjacent technologies, it’s a helpful exercise to walk through the evolution of WAF technology, so that you understand how and why the technology arrived at its current form.

Traditional Intrusion Detection System and Intrusion Prevention System Technology

Let’s begin by looking at Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) technology. IDS/IPS technology was the security industry’s first foray into intelligent parsing of network traffic. IDS/IPS solutions have traditionally focused on parsing network-level traffic and comparing it against signatures. Network firewalls and IPS devices generally don’t provide adequate protection for internet-facing websites on their own; they are generally deployed as adjacent technologies within a defense-in-depth architecture. Defense-in-depth involves deploying multiple layers of protection so that if one layer fails, other layers serve as fail-safes. A common analogy is the architecture of a castle: there is a moat, a drawbridge, upper defenses, and further defenses within the castle walls.

WAFs are generally ...

Get Web Application Firewalls now with O’Reilly online learning.