What is a Web Application Firewall (WAF)?

A WAF or web application firewall helps protect web applications by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web applications from attacks such as cross-site request forgery (CSRF), cross-site scripting (XSS), file inclusion, and SQL injection, among others. A WAF is a protocol layer 7 defense (in the OSI model), and is not designed to defend against all types of attacks. This method of attack mitigation is usually part of a suite of tools which together create a holistic defense against a range of attack vectors.

By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine's identity by using an intermediary, a WAF is a type of reverse proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.

A WAF operates through a set of rules often called policies.
These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.

What is the difference between blocklist and allowlist WAFs?

A WAF that operates based on a blocklist (negative security model) protects against known attacks. Think of a blocklist WAF as a club bouncer instructed to deny admittance to guests who don't meet the dress code. Conversely, a WAF based on an allowlist (positive security model) only admits traffic that has been pre-approved. This is like the bouncer at an exclusive party, who only admits people who are on the list. Both blocklists and allowlists have their advantages and drawbacks, which is why many WAFs offer a hybrid security model, which implements both.
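
The two models can be compared side by side on the same requests. The following is an added example, not code from any WAF product: the signatures, endpoints, parameter formats and sample requests are all constructed for illustration. It shows a blocklist passing a request it has no signature for, an allowlist rejecting an endpoint that was never approved, and a hybrid policy applying both.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Negative model: signatures for attacks the policy author already knows about.
BLOCKLIST = [
    ("sqli", re.compile(r"(?i)\bunion\b.+\bselect\b|'\s*or\s+'?\d")),
    ("xss", re.compile(r"(?i)<\s*script\b")),
]

# Positive model: only these method/path pairs, each with fixed parameter formats.
ALLOWLIST = {
    ("GET", "/search"): {"q": re.compile(r"[\w .-]{1,64}")},
    ("GET", "/item"): {"id": re.compile(r"\d{1,9}")},
}

def blocklist_verdict(method, url):
    parts = urlsplit(url)
    # Inspect the path and the URL-decoded parameter values.
    text = parts.path + " " + " ".join(v for _, v in parse_qsl(parts.query))
    for name, sig in BLOCKLIST:
        if sig.search(text):
            return "block:" + name
    return "allow"  # anything without a matching signature gets through

def allowlist_verdict(method, url):
    parts = urlsplit(url)
    schema = ALLOWLIST.get((method, parts.path))
    if schema is None:
        return "block:unlisted-endpoint"
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key not in schema or not schema[key].fullmatch(value):
            return "block:bad-param:" + key
    return "allow"

def hybrid_verdict(method, url):
    # Must be pre-approved AND must not match a known-attack signature.
    verdict = allowlist_verdict(method, url)
    return verdict if verdict != "allow" else blocklist_verdict(method, url)

SAMPLES = [  # constructed requests
    ("GET", "/search?q=blue+shoes"),
    ("GET", "/item?id=1%27%20OR%20%271%27=%271"),
    ("GET", "/search?q=%3Cscript%3Ealert(1)%3C/script%3E"),
    ("GET", "/download?file=../../etc/passwd"),  # no signature covers this
    ("GET", "/health"),  # legitimate, but never added to the allowlist
]

if __name__ == "__main__":
    for m, u in SAMPLES:
        print(f"{u:48} blocklist={blocklist_verdict(m, u):12} allowlist={allowlist_verdict(m, u)}")
```

The `/health` row shows the allowlist's drawback (a legitimate endpoint stays blocked until the policy is updated), and the `/download` row shows the blocklist's (it only stops what it has a signature for).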

What are network-based, host-based, and cloud-based WAFs?

A network-based WAF is generally hardware-based. Since it is installed locally, it minimizes latency, but network-based WAFs are the most expensive option and also require the storage and maintenance of physical equipment.

A host-based WAF may be fully integrated into an application's software. This solution is less expensive than a network-based WAF and offers more customizability. The downside of a host-based WAF is the consumption of local server resources, implementation complexity, and maintenance costs. These components typically require engineering time, and may be costly.

Cloud-based WAFs offer an affordable option that is very easy to implement; they usually offer a turnkey installation that is as simple as a change in DNS to redirect traffic. Cloud-based WAFs also have a minimal upfront cost, as users pay monthly or annually for security as a service. Cloud-based WAFs can also offer a solution that is consistently updated to protect against the newest threats without any additional work or cost on the user's end. The drawback of a cloud-based WAF is that users hand over the responsibility to a third party, so some features of the WAF may be a black box to them.

The Internet has revolutionized the way we communicate. E-mail has been the most rapidly adopted form of communication ever known. Less than two decades ago, not many people had heard of it. Now, many of us e-mail instead of writing letters or even calling people on the phone. People around the world send out billions of e-mail messages every day. But sometimes even e-mail isn't fast enough. You might not know if a person you want to e-mail is online at that moment. Also, if you're e-mailing back and forth with someone, you usually have to click through a few steps. This is why instant messaging (IM) has become so popular. You can IM with anyone on your buddy list or contact list as long as that person is online. You type messages to each other into a small window that shows up on both of your screens. In this article, you will learn about the history of instant messaging and how it works.
You will also learn what the major IM programs are, what makes them different from each other and what the future holds for IM. The major online services, such as America Online (AOL), Prodigy and CompuServe, were the main way that ordinary people could connect and communicate with each other online. Online services provide the actual interface that you use when you're connected to the service, which creates a targeted experience for users. In the early 1990s, people began to spend more and more time on the Internet. Creative software developers designed chat-room software and set up chat rooms on Web servers. In a chat room, a group of people can type in messages that are seen by everyone in the "room." Instant messages are basically a chat room for just two people. That's when Mirabilis introduced ICQ, a free instant-messaging utility that anyone could use. ICQ, shorthand for "I seek you," uses a software application, called a client, that resides on your computer.