Heavy Networking 449: Web Application Firewall Fundamentals




Heavy Networking show

Summary: On today’s Heavy Networking, our topic is web application firewalls (WAFs), which, in the traditional sense, are neither web applications nor firewalls.<br>
So what are these strange creatures? If my company doesn’t have one, should I go to the pet store and get one? Will they bite me if I’m not careful? What does a web application firewall eat?<br>
Helping us understand how to feed and care for our very own web application firewall is <a href="https://twitter.com/SCOTTHOGG" target="_blank" rel="noopener noreferrer">Scott Hogg</a>, who you might know from the <a href="https://packetpushers.net/series/ipv6-buzz/" target="_blank" rel="noopener noreferrer">IPv6 Buzz podcast</a>, part of the Packet Pushers podcast network.<br>
We discuss:<br>
<br>
* How a WAF differs from typical firewalls<br>
* The security problems WAFs try to solve (protecting vulnerable Web apps)<br>
* How WAFs are deployed<br>
* The architecture of a typical WAF<br>
* Operational challenges<br>
* How attackers bypass WAFs<br>
* The role of WAFs in cloud applications<br>
* More<br>
<br>
Sponsor: ITProTV<br>
Get over 65 hours of free technical training from ITProTV. ITProTV offers online instruction in CompTIA, Cisco, VMware, Microsoft and more. You can stream courses live and on demand on your favorite device. Sign up for a free membership at <a href="https://go.itpro.tv/packet" target="_blank" rel="noopener noreferrer">itpro.tv/packet-pushers</a> and try it with no obligation.<br>
Sponsor: Cumulus Networks<br>
If you’re future-proofing your network, why go with legacy infrastructure? Cumulus Networks offers networking software for the open, modern data center, giving you the option to choose the new way every time. Find out more at <a href="https://cumulusnetworks.com/lp/old-v-new/?utm_campaign=Q1_2019_OldvNew&amp;utm_medium=Sponsorship&amp;utm_source=PacketPushers&amp;utm_content=landingpage_oldvnew" target="_blank" rel="nofollow noopener noreferrer">cumulusnetworks.com/modernize</a>.<br>
Show Links:<br>
<a href="https://twitter.com/SCOTTHOGG" target="_blank" rel="noopener noreferrer">Scott Hogg on Twitter</a><br>
<a href="https://hexabuild.io/" target="_blank" rel="noopener noreferrer">Hexabuild</a><br>
<a href="https://packetpushers.net/series/ipv6-buzz/" target="_blank" rel="noopener noreferrer">IPv6 Buzz Podcast</a><br>
<a href="https://www.networkworld.com/author/Scott-Hogg/" target="_blank" rel="noopener noreferrer">Scott’s Network World author page</a><br>
<a href="https://community.infoblox.com/t5/IPv6-CoE-Blog/bg-p/IPv6" target="_blank" rel="noopener noreferrer">Scott’s Infoblox author page</a><br>
<a href="http://www.networkworld.com/article/2223103/cisco-subnet/web-application-firewalls-and-ipv6.html" target="_blank" rel="noopener noreferrer">Web Application Firewalls and IPv6, Scott Hogg</a> – Network World<br>
<a href="https://www.owasp.org/index.php/Web_Application_Firewall" target="_blank" rel="noopener noreferrer">The Open Web Application Security Project (OWASP)</a><br>
<a href="http://www.webappsec.org/" target="_blank" rel="noopener noreferrer">The Web Application Security Consortium (WASC)</a><br>
<a href="http://projects.webappsec.org/Web-Application-Firewall-Evaluation-Criteria" target="_blank" rel="noopener noreferrer">Web Application Firewall Evaluation Criteria (WAFEC)</a><br>
<a href="https://www.icsalabs.com/sites/default/files/WAF_Criteria_V2.1_Document_V2.4.pdf" target="_blank" rel="noopener noreferrer">WAF Criteria</a> – ICSA Labs (PDF)<br>