HomeWinBuzzer NewsMicrosoft Introduces WAF for Azure Application Gateway to Combat Web-App Attacks

Microsoft Introduces WAF for Azure Application Gateway to Combat Web-App Attacks

The company’s Web Application Firewall (WAF) feature was debuted at Ignite last year and is now available on Azure Application Gateway. The feature protects multiple apps from malicious attacks.


has added new protection to public cloud customers. The company has announced a Web Application Firewall (WAF) option for Azure Application Gateway and HTTP load-balancing. This integration will mean user sites are better protected from malicious attacks.

The company announced WAF at ignite last year. In its announcement, Microsoft says that finding solutions to stop layer-7 app attacks is not easy. This usually includes needing patching and monitoring throughout tiers to prevent attacks.

Web apps have become common targets for attackers, who can exploit vulnerabilities such as SQL injection and cross site scripting flaws. By implementing a web application firewall (WAF), Microsoft can protect against more web attacks.

Importantly, the feature also gives customers a simplified way of managing security across their apps. This is achieved with no need to change applications.

Yousef Khalidi, Microsoft corporate VP for Azure Networking explains the benefits of WAF: “A centralized Web application firewall (WAF) protects against Web attacks and simplifies security management without requiring any application changes.”

“Application and compliance administrators get better assurance against threats and intrusions.”

WAF in Azure Application Gateway

By using WAF through Azure Application Gateway, the application delivery controller layer 7 network service also gets SSL policy control and end-to-end SSK encryption and logging:

“Web Application Firewall integrated with Application Gateway's core offerings further strengthens the security portfolio and posture of applications protecting them from many of the most common Web vulnerabilities, as identified by Open Web Application Security Project's (OWASP) top 10 vulnerabilities,” Khalidi noted.

The service is designed to block end-of-service attacks that target multiple web apps. Application Gateway supports up to 20 sites behind one gateway. There are large application gateways, costing $94 and $333 respectively.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News