During the COVID 19 pandemic, the entire world closed completely to in-person trading activities and moved almost every utility to online platforms. Although we do not intentionally promote this, we have created opportunities for hacker groups to attack and steal dangerous data when Website Firewall systems are too lagging behind the increasing attack tactics improved and more disturbing.
According to IBM's cybersecurity report released in 2020, it takes an average of 228 days for security teams to detect and identify a vulnerability, a security breach on the website system.
In the face of the current worrying situation of cyber attacks, businesses need to seriously re-check their Website Firewall system, review the firewall's security rules and consider integrating the latest technologies to ensure the protection of the Website Firewall system for your organization.
Website Firewall: distinguish WAF and traditional Network Firewall
The traditional firewall system Network Firewall acts as a boundary protecting internal traffic inside the system and traffic coming from end-users.
Bringing in the old technologies of the traditional Website Firewall system, Network Firewall only allows users to build and define security rules for the system in advance, then the firewall will follow exactly those rules. that security rule by determining the IP address and access port of the query source to determine if an inbound query is eligible to be identified as authorized.
The difference in properties between the 2 Website Firewall systems
While the web application firewall (WAF - Web Application Firewall) is developed specifically to secure applications and the API layer of the website system. The WAF system protects HTTP(s) protocols and web applications against vulnerabilities, unauthorized data collectors, and other malicious actors.
The physical difference between 2 Website Firewall systems
The physical difference between Network Firewall and Web Application Firewall
While the Network Firewall system is located at the edge servers (Edge Server), the WAF firewall is placed directly between the accessing user and the enterprise website and application server system.
In terms of operation
WAF system - Web Application Firewall with the ability to protect the API layer and website system against vulnerabilities and security breaches on the website. WAF is configured as a reverse proxy, inspecting all HTTP queries before it reaches the origin server. Detect and prevent unusual traffic to the system with CAPTCHA tests to ensure that this traffic is sent from humans, not bots.
The Network Firewall system will protect the entire perimeter of the connected network by using information routing protocols (Information Protocol). Users can build and set up security rules for the system based on IP ranges, Ports, ICMP (Internet Control Message Protocol),... The system will monitor the activity of the access from the beginning of the connection. connect until the session ends.
|Web Application Firewall||Network Firewall|
|Strength||Customize security rules and condition filters, limit upload size, decrypt and inspect SSL, IDS, and IPS traffic, all display as data packets.||Block unauthorized protocols, ports and IP addresses. Support to hide the origin server IP when there is an intrusion into the system.|
|Weakness||False negatives and false negatives. Traditional WAF technology cannot resist Zero-day vulnerabilities.||There are only Accept/Reject rules. Inability to decrypt traffic and prevent attacks on end-user devices. Not able to protect the system with current intrusion attack methods.|
The difference in the performance of the two Website Firewall systems is illustrated in detail in the OSI model consisting of 7 layers that describe how network systems communicate and operate with each other. The traditional WAF firewall system and the Network Firewall firewall have completely different layer protection roles.
For traditional web application firewalls, WAF is only capable of focusing security for Layer 7 (application layer). The Network Firewall system will protect Layers 3 and 4 (network and transport layers).
|Layer 7||Application Layer||Where applications access the network.|
|Layer 6||Presentation Layer||Where to format and encode data.|
|Layer 5||Session Layer||Control ports, active sessions and stay connected.|
|Layer 4||Transport Layer||Data transmission using TCP, UDP,...|
|Layer 3||Network Layer||Determine the routing of outgoing data|
|Layer 2||Data link Layer||Specify the format of the data.|
|Layer 1||Physical Layer||Transmits the raw bitstream over physical media.|
About the security ability between the two Website Firewall systems
The two Website Firewall systems have a huge difference in system security between the two firewall systems.
The Network Firewall system is capable of protecting against threats of:
Meanwhile, WAF focuses on the detection and prevention aspect of security vulnerabilities on the page.
Deployment options difference
Both Website Firewall systems have in common the ability to set rules to allow/block traffic.Depending on the type of firewall you have on your system: WAF will allow the ability to build and customize security rules.As for Network Firewall, security rules have been pre-built and pre-installed by the provider.
Firewalls are deployed on the local area network (LAN).Enables optimal latency, the ability to build and customize security protocols on the firewall.Network-based Firewall systems often require the highest investment and operating costs due to the requirements of hardware installation, physical storage, and system maintenance.
The deployment solution is similar to the Network-based Firewall system, but the host-based firewall will be integrated directly into the source code of the website and application system.Users can customize security rules on the firewall, but it requires high IT skills and system time.
For the Host-based Firewall solution, the latency is almost zero because the firewall system is pre-installed on the website and application system. But this is also the biggest obstacle of a Host-based firewall because it uses resources on the local server system, which can significantly slow down the processing speed of the web application system if the server does not have enough capacity or storage space.
The firewall system is fully installed and deployed on the cloud platform and offered to enterprises as a SaaS product. Choosing a Cloud-based firewall is receiving the attention of many businesses operating on a digital platform when it contains the strengths of the two deployment methods Network-based and Host-based while solving all the disadvantages of the two systems mentioned above. With the ability to easily set up when only requiring DNS pointing on the system, the Cloud-based Firewall solution is considered the most reasonable choice for businesses at this time.
About the Cloud WAF firewall solution at VNETWORK
As the number of users and access increased exponentially after the COVID 19 pandemic, the number of security breaches and cyberattacks also increased rapidly. The old technology Website Firewall systems that businesses are using today have completely lost the ability to protect web application systems against various types of attacks and security breaches, which are continuously upgraded and developed.
100% of active websites carry dangerous security holes that have not been detected.In which, more than 90% of security holes on the website system originate from web applications, and most organizations do not have an overview of the problem and underestimate the damage that can happen when being attacked.
At VNETWORK, we have built and added the latest technologies in the market to develop the Cloud WAF solution - a cloud web application firewall. Combining the power and protection of traditional WAF firewalls and Network Firewall systems, Cloud WAF with comprehensive protection for Layers 3, 4 and 7 on corporate website systems, is fully integrated with technology. AI technology on the RUM system (real-time user monitoring) will automatically change the server system IP immediately when detecting an attack.
Cloud WAF Firewall uses artificial intelligence technology to automatically analyze queries to the system, prevent malicious code and unauthorized data collectors on the Website. Combined with the Multi CDN system on the VNIS platform (VNETWORK Internet Security), it will create a comprehensive security and transmission solution for businesses with the ability to detect, withstand and prevent all types of network attacks today such as DDoS, BotNet, Ransomware, and potential threats in cyberspace.
In addition, to address the exponentially increasing demand for the secure transmission of enterprises after the COVID19 pandemic, VNETWORK has continuously developed and launched solutions for transmission and system security with the latest technologies to best serve our partners operating on digital platforms:
VNCDN - Solution for content transmission and website acceleration by CDN (Content Delivery Network) technology with the ability to receive nearly 3 million simultaneous user visits to the system.
VNIS - A comprehensive security solution for enterprise website systems, controlling and preventing security holes and malicious data collectors. With a global CDN system of up to 2600Tbps along with the ability to integrate global CDN providers into a giant Multi-CDN system, it helps to optimize the transmission performance of the website system both help against traffic attacks (DDoS, DoS) effectively.