WAF vs Network Firewall

Difference between WAF and Network Firewall

PARAMETER	WAF	NETWORK FIREWALL
Philosophy	A Web Application Firewall (WAF) is a network security firewall solution that protects web applications from HTTP/S and web application-based security vulnerabilities.	Network Firewall is a device which controls access to secured LAN network to protect it from unauthorized access. Firewall acts as a filter which blocks incoming non-legitimate traffic from entering the LAN network and cause attacks.
OSI Layer coverage	Layer 7	Layer 3 – 4
Modes of operation	•Active Inspection •Passive mode	•Transparent mode •Routed mode
DDOS Protection	Application Layer	Basic level only at Network Layer
Target objects protection	Protects HTTP/HTTPs based servers and Applications placed in Internet facing Zones of Network Firewall	Protection of user and organizational IT assets including applications, Servers and management.
Placement in Network	Close to Web/Internet Facing Applications	On Perimeter of Network (Commonly Internet)
Web Application protection	All-encompassing, including complete coverage of application layer	Minimal
Access Control	Not possible	Possible
Algorithms	•Signature based •Anomaly detection •Heuristics	•Packet filtering •Stateful/stateless inspection •Proxy
Related attacks protection	•SQL injection attacks •cross-site scripting (XSS) attacks •DDoS attacks.	•Attack from less secured zones. •Unauthorised users accessing private networks

No items found.