Azure Web Application Firewall

Azure Web Application Firewall (WAF) provides centralized protection for all your web applications against common exploits, vulnerabilities, and attacks such as SQL injection and cross-site scripting.

Normally, preventing such attacks in application code is challenging, because it requires rigorous maintenance, patching, and monitoring at multiple layers of the application.

A WAF solution can react to a security threat faster by centrally patching a known vulnerability, instead of securing each individual web application.

WAF can be deployed with the following services:

  • Azure Application Gateway
  • Azure Front Door
  • Azure Content Delivery Network

Let’s go through them one by one and learn how WAF works with each of these services.

Azure WAF on Azure Application Gateway

Azure WAF on Application Gateway is based on the Core Rule Set (CRS) from the Open Web Application Security Project (OWASP).

Application Gateway has two versions of the WAF SKU:

  • Application Gateway WAF_v1
  • Application Gateway WAF_v2

WAF policy association is supported only on Application Gateway WAF_v2.

The figure below describes how WAF works on Application Gateway.

Application Gateway operates as an application delivery controller (ADC). It provides Transport Layer Security (TLS) or SSL termination, cookie-based session affinity, round-robin load distribution, content-based routing, the ability to host multiple websites, and security enhancements.

The security enhancements include TLS policy management and end-to-end TLS support. When WAF is integrated with Application Gateway, it protects your applications against common vulnerabilities.

WAF Benefits on Application Gateway

Below are some benefits of WAF when used on Application Gateway:

  • Protect your web applications from web vulnerabilities and attacks without modification to back-end code.
  • Protect multiple web applications at the same time. An instance of Application Gateway can host up to 40 websites that are protected by a web application firewall.
  • Create custom WAF policies for different sites behind the same WAF
  • Protect your web applications from malicious bots with the IP Reputation ruleset

  • Monitor attacks against your web applications by using a real-time WAF log. The log is integrated with Azure Monitor to track WAF alerts and easily monitor trends.
  • The Application Gateway WAF is integrated with Microsoft Defender for Cloud. Defender for Cloud provides a central view of the security state of all your Azure, hybrid, and multicloud resources.

  • Customize WAF rules and rule groups to suit your application requirements and eliminate false positives.
  • Associate a WAF Policy for each site behind your WAF to allow for site-specific configuration
  • Create custom rules to suit the needs of your application
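
The WAF log and the rule customization listed above work together: the log shows which rules fire per site, and that tells you which rules to review for false positives. The following is an added example, not code from the original page or from Microsoft. It assumes firewall records exported as JSON lines with the `ApplicationGatewayFirewallLog` category and the `hostname`, `clientIp`, `requestUri`, `ruleId` and `action` properties; the sample records, helper names and the "many clients, one path" heuristic are constructed for illustration.

```python
import json
from collections import defaultdict

FIREWALL_CATEGORY = "ApplicationGatewayFirewallLog"  # assumed diagnostic log category

def _rec(host, ip, uri, rule, action, category=FIREWALL_CATEGORY):
    """Build one constructed log line; field names are assumed, not from the page."""
    return json.dumps({"category": category, "properties": {
        "hostname": host, "clientIp": ip, "requestUri": uri, "ruleId": rule, "action": action}})

# Constructed sample input (documentation IP ranges, example hostnames).
SAMPLE_LOG = [
    _rec("shop.example.com", "203.0.113.10", "/profile/save", "942130", "Matched"),
    _rec("shop.example.com", "203.0.113.11", "/profile/save", "942130", "Blocked"),
    _rec("shop.example.com", "203.0.113.12", "/profile/save?x=1", "942130", "Blocked"),
    _rec("blog.example.com", "198.51.100.7", "/a", "941100", "Blocked"),
    _rec("blog.example.com", "198.51.100.7", "/b", "941100", "Blocked"),
    _rec("shop.example.com", "203.0.113.10", "/", None, None, "ApplicationGatewayAccessLog"),
    "truncated line {",
]

def summarize(lines):
    """Aggregate firewall-log hits per (site hostname, rule ID)."""
    stats = defaultdict(lambda: {"hits": 0, "blocked": 0, "clients": set(), "paths": set()})
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip damaged lines instead of aborting the run
        if not isinstance(rec, dict) or rec.get("category") != FIREWALL_CATEGORY:
            continue  # ignore access logs and other categories
        p = rec.get("properties") or {}
        entry = stats[(p.get("hostname"), p.get("ruleId"))]
        entry["hits"] += 1
        entry["blocked"] += p.get("action") == "Blocked"
        entry["clients"].add(p.get("clientIp"))
        entry["paths"].add(str(p.get("requestUri", "")).split("?", 1)[0])
    return dict(stats)

def tuning_candidates(stats, min_clients=3):
    """Heuristic: a rule hit by many distinct clients on one path is reviewed first."""
    return sorted(key for key, s in stats.items()
                  if len(s["clients"]) >= min_clients and len(s["paths"]) == 1)

if __name__ == "__main__":
    summary = summarize(SAMPLE_LOG)
    for key in tuning_candidates(summary):
        print(key, summary[key]["hits"], "hits,", summary[key]["blocked"], "blocked")
```

A rule that appears here is a candidate for review, not proof of a false positive; confirm against the application's expected input before changing the rule in that site's WAF policy.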

