Hey everyone! I'm setting up individual environments of our system for different customers, and each one is accessed via Azure Application Gateway as the ingress controller. While the system is online, only authenticated business users can access its features. I'm considering whether I should add Azure Web Application Firewall (WAF) for protection. My initial thought is to start in Detection mode, tweak any needed exclusions, and then switch to Prevention mode later. But I'm curious: since access requires authentication, is implementing WAF still a smart move for a business application like this? Thanks!
5 Answers
Absolutely! Unless you're confident that your developers never slip up and your tools are completely secure, WAF is a smart choice to safeguard your data.
Security should always be a risk-based decision. Think about what could go wrong if you skip this step and weigh the risks accurately.
If you're using an API gateway, consider placing Azure Front Door in front of it for DDoS protection, and then layer on WAF. Plus, you'll get CDN benefits for static content. If you've got the budget and expertise, throwing in Traffic Manager could enhance this setup even more!
If you can afford it, definitely go for it! While there might be cheaper options like Cloudflare, WAF adds an extra layer of protection that's hard to beat.
WAF is crucial for securing your app gateway. Just remember to set up the diagnostic settings for better visibility on what rules are being triggered.
Related Questions
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads