Microsoft Azure Web Application Firewall (WAF) Generally Available
You can try Application Gateway Web Application Firewall today using portal or ARM templates.
Microsoft on Thursday bolstering up protection of applications from web vulnerabilities and attacks made the Web Application Firewall (WAF) general available.
The availability builds on plans announced last September to add WAF to the layer 7 Azure Application Gateway, which is an Application Delivery Controller (ADC) layer 7 network service offering capabilities including SSL termination, true round robin load distribution, cookie-based session affinity, multi-site hosting, and URL path based routing, says Yousef Khalidi.
Application Gateway can host up to 20 websites behind a single gateway, and can protect multiple web apps simultaneously. It provides SSL policy control and end to end SSL encryption to provide better application security hardening.
Following core benefits are provided by WAF:
WAF addresses various attack categories including:
Cross site scripting
Common attacks such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attack
HTTP protocol violations
HTTP protocol anomalies
Bots, crawlers, and scanners
Common application misconfigurations (e.g. Apache, IIS, etc.)
HTTP Denial of Service
Application Gateway WAF is simple to configure, deploy, and manage via the Azure Portal and REST APIs. PowerShell and CLI will soon be available.
Administrators can centrally manage WAF rules.
Existing Application Gateways can be simply upgraded to include WAF. WAF retains all standard Application Gateway features in addition to Web Application Firewall.
Application Gateway WAF provides ability to monitor web apps against attacks using a real-time WAF log integrated with Azure Monitor to track WAF alerts and easily monitor trends.
Application Gateway WAF will shortly be integrated with Azure Security Center for a centralized security view of all Azure resources.
Application Gateway WAF can be run in detection or prevention mode.
Application Gateway WAF uses one of the most popular WAF deployments – OWASP ModSecurity Core Rule Set to protect against the most common web vulnerabilities, explains Khalidi.
Citrix XenDesktop Essentials, the promised Citrix Cloud service which allows to run Windows 10 Enterprise desktops virtually on Microsoft Azure is available now for purchase for a $12 per user per month costing.
Another virtualization offering from Citrix called "XenApp Essentials" (formerly XenApp Express) meant to replace Microsoft's Azure RemoteApp, is also available in the Azure Marketplace as on today.
While XenDesktop Essentials allows users to run Windows 10 desktops virtually, the XenApp Essentials service lets them have business apps delivered remotely from Azure. "XenApp Essentials is the fastest and easiest way to securely deliver Windows apps from Microsoft Azure to any Device," reads the Marketplace listing.
"Citrix and Microsoft deliver an integrated experience that simplifies onboarding for XenApp Essentials and Azure IaaS (Infrastructure as a Service), providing a single interface to design, deploy and deliver virtualized Windows apps from Azure."