If you haven’t thought about web application firewalls (WAFs) in a while, you might think they were an anachronism, a tool of the past that modern application environments don’t bother with. You’d be wrong. While traditional WAF appliances are still popular in data centers and with legacy applications, the WAF market has evolved with the applications it protects and now offers a range of deployment models and form factors to support organizations’ hybrid and multicloud reality. Last year, as Log4Shell sent organizations scrambling, WAF vendors responded by pushing out new rules to block attacks, giving application owners time to identify and upgrade vulnerable Log4j versions.
With the release of the Forrester Now Tech: Web Application Firewalls, Q2 2022, let’s take a quick look at the range of vendors offering web application firewalls:
- CDN-adjacent WAFs: Content delivery networks (CDNs) optimize delivery of web pages and other web content based on the geographic location of users. Many CDNs also offer security controls such as WAFs, which customers can deploy before a web server or — even better — at the edge of the CDN, closer to the origin of malicious traffic, giving even better performance to web content.
For more on the strengths and weaknesses of the different functional segments and to learn more about the many players in the WAF space, check out the Forrester Now Tech: Web Application Firewalls, Q2 2022, or reach out to set up an inquiry.