We are pleased to announce the release of the Oracle Cloud Infrastructure Web Application Firewall (WAF) service for Oracle Cloud Infrastructure workloads and multicloud web applications. Oracle Cloud Infrastructure WAF is an enterprise-grade, cloud-based security solution designed to protect internet-facing web applications from malicious cyberattacks and bot scrapers. In the 2018 Oracle and KPMG Cloud Threat Report, 51 percent of respondents indicated that a web application firewall was a top priority in protecting malicious access to an organization’s sensitive and critical data.
Web applications are the heart of today’s digital businesses, and they are under constant threat from cyberattacks by bad actors who want to compromise your site. A bad actor who gains access to your web application server can steal data, use it as a platform to propagate malicious software to your customers, and damage the brand reputation of your business. It's no wonder that security is a top concern for all businesses moving their workloads to the cloud, and a web application firewall is an absolute requirement for today’s digital business. Many businesses won't even relocate critical applications, data, and services to the cloud without a web application firewall. Oracle Cloud Infrastructure WAF is here to provide the protection and peace of mind that you require for your Oracle Cloud Infrastructure, on-premises, and multicloud workloads.
Oracle Cloud Infrastructure WAF acts as a reverse proxy that inspects all traffic flows or requests before they arrive at the origin web application. It also inspects any request going from the web application server to the end user.
This powerful service enables you to control data leakage from your applications servers and to protect your servers from outside threats.
Oracle Cloud Infrastructure WAF is tightly integrated in the Console with the other Oracle Cloud Infrastructure applications and services, making it easy to set up and control. For example:
WAF is located under the Edge Services menu. You can enable predefined rules for passive detection, or WAF can block for each individual rule as a reverse proxy to the web application origin.
Logging of traffic through the WAF can be analyzed from within the Console or pulled into an enterprise SIEM.
Detailed application logging and visibility
In addition to the Console integration, a robust RESTful API into the WAF platform is available. This includes multiple language SDKs, a CLI, and Terraform.
Following are just a few of the many use cases for a web application firewall:
Oracle Cloud Infrastructure WAF is a key component for enabling internet-facing web applications when you move away from requiring a VPN or build customer-facing applications. For more information about the Oracle Cloud Infrastructure WAF, visit our website.