[MUSIC] In this lesson, let's look at what are web application firewalls. Well, you are familiar with firewalls. Firewalls typically operate at layer 3, 4, and 5. Meaning they can understand IP, TCP, UDP, and sessions, but they cannot understand layer 7. So what happens is because they cannot understand layer 7, they cannot interrogate packets looking at what application exploits those packets might contain. A web application firewall protects against complex layer 7 or application layer attacks. What are these kinds of attacks? These are things like SQL injections and cross-site scripting exploits.

Well, this is a foundational course. So we will keep it at a high level. But that's in essence what a web application firewall is. Like we just described, it's a device, server-side plugin, or a filter that applies a set of rules to HTTP or HTTPS traffic. By intercepting this HTTPS traffic or HTTP traffic and passing them through a set of filters and rules, a web application firewall is able to uncover and protect against attack streams, like SQL injections hitting a web application. Typical response from a web application firewall will either be allowing the request to pass through, audit, and log the request, or block the request by responding with an error page. So those are some of the common typical scenarios that a web application firewall will do.

So let's look at some of the capabilities really quickly. And again, being a foundational course, this is a very complex topic, so we're not getting into all the details here. But OCI WAF service supports over 250 rule sets to protect against SQL injections, cross-site scripting, HTML injections, etc. There is a whole set of capabilities. I'm sure you've used the web so you're familiar with CAPTCHA. So there are things like JavaScript challenge, CAPTCHA challenge, device fingerprint challenge, whitelisting capabilities. They all work in conjunction with rule sets to further detect and mitigate bad bots and only allow legitimate traffic. So think about how do we prevent these bad bots in the first place; the WAF is useful there.

There's this concept of a user access control, which can be configured on the basis of countries, IP addresses, URL, and other request attributes to prohibit risky traffic. So, for example, it can filter based on location and it has rate awareness. So it can filter based on the quantity of something, if a certain IP address is attempting to do a certain thing with a certain frequency or above, then WAF can block that activity. So it's really handy for those kinds of scenarios.

And then finally, OCI WAF service has multi-cloud support, or it works for any Internet facing application in any environment, whether that's OCI, on-premises or across multi-cloud deployments. To recap, that's the web application firewall. I think next time, what really helps to filter the traffic at layer 7, that's web application firewall. I hope you found this lesson useful. Thanks for watching.
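The decision flow described in the lesson (access control by country and IP address, rate awareness per IP, and the allow / log / block responses), as an added Python example that is not part of the lesson and is not how OCI WAF is implemented. The class name, thresholds, paths, addresses and country codes are constructed for illustration.

```python
from collections import defaultdict, deque

ALLOW, LOG, BLOCK = "allow", "log", "block"


class MiniWaf:
    """Hypothetical layer-7 filter: access control, rate limit, audit."""

    def __init__(self, blocked_countries, blocked_ips, audit_paths,
                 rate_limit, window_s):
        self.blocked_countries = set(blocked_countries)
        self.blocked_ips = set(blocked_ips)
        self.audit_paths = tuple(audit_paths)
        self.rate_limit = rate_limit      # max requests per IP per window
        self.window_s = window_s          # sliding window length in seconds
        self.hits = defaultdict(deque)    # ip -> timestamps inside the window

    def decide(self, req):
        """Return (action, reason) for a request dict: ip, country, path, ts."""
        # 1. Access control on request attributes (country, source IP).
        if (req["country"] in self.blocked_countries
                or req["ip"] in self.blocked_ips):
            return BLOCK, "access-control"
        # 2. Rate awareness: count this IP's requests in the sliding window.
        q = self.hits[req["ip"]]
        while q and req["ts"] - q[0] >= self.window_s:
            q.popleft()                   # forget requests older than the window
        q.append(req["ts"])
        if len(q) > self.rate_limit:
            return BLOCK, "rate-limit"
        # 3. Sensitive paths are passed through but audited.
        if req["path"].startswith(self.audit_paths):
            return LOG, "audit"
        return ALLOW, "default"


def run_sample():
    """Run constructed requests (documentation IPs, made-up country codes)."""
    waf = MiniWaf(blocked_countries={"ZZ"}, blocked_ips={"203.0.113.9"},
                  audit_paths=["/admin"], rate_limit=3, window_s=10)
    sample = [
        {"ip": "198.51.100.7", "country": "AA", "path": "/", "ts": 0},
        {"ip": "203.0.113.9", "country": "AA", "path": "/", "ts": 1},
        {"ip": "198.51.100.8", "country": "ZZ", "path": "/", "ts": 2},
        {"ip": "198.51.100.7", "country": "AA", "path": "/admin", "ts": 3},
        {"ip": "198.51.100.7", "country": "AA", "path": "/", "ts": 4},
        {"ip": "198.51.100.7", "country": "AA", "path": "/", "ts": 5},
        {"ip": "198.51.100.7", "country": "AA", "path": "/", "ts": 20},
    ]
    return [waf.decide(r) for r in sample]
```

The fourth request from 198.51.100.7 inside the 10-second window exceeds the limit of 3 and is blocked; the same address is allowed again once the window has passed.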