This video is part 1 of a step by step hands on guide on Azure Web Application Firewall or WAF.
We will look into the WAF solution from Azure offering and perform the provisioning of the solution together with configuration and testing.
We will also take a look at detection mode vs prevention mode, firewall rule sets, migration of waf policies, create our own custom rules and turn on logging and diagnostics.
How WAF provides centralized protection of your web applications from common exploits and vulnerabilities such as SQL injection attacks, cross site scripting attacks, command injection, HTTP request smuggling, HTTP response splitting and remote file inclusion.
Part 2 of this video (to be released shortly) covers the WAF logging and diagnostics piece using Application Gateway Analytics and Log Analytics.
This video (part 1):
Introduction to WAF
Diagram of WAF solution
Virtual network and web server configuration
Creating app gateway (WAF)
App gateway (WAF) config
Load balancing testing demo
Network Security Groups (NSGs)
Migration of WAF firewall policies
Custom rule creation
Blocking IP addresses using custom rules demo
Enabling logging and diagnostics
Next video (part 2) will cover:
WAF logging and diagnostics using
Application Gateway Analytics for Application Gateway Access Logs and Application Gateway Performance Logs
Log Analytics for Application Gateway Firewall Logs