In order to accurately outline how a dWAF is possible while maintaining all the benefits of a completely virtualized environment – reduced IT overhead, flexible footprint management, virtually unlimited scalability – a brief overview of cloud technology is needed. Far more than simply maximizing current hardware resources to benefit from unused CPU power, today there are three main technologies available in a cloud that provide the backbone for real productivity gains and compelling business services for companies that don’t want to invest in the hardware scaling burdens common today.
Software as a service (SaaS) offers users virtualized software through a thin-client, usually any standard web browser. The benefit for users is access to software without any of the headaches of owning the programs – scaling and resources are taking care of, and patching and upgrades are managed.
Platform as a service (PaaS) provides users with virtual databases, storage and programming languages with which custom applications can be built. This service provides nearly unlimited resources behind the platform and allows customers to scale throughout the lifetime of the application. It is an effective solution for companies ranging from the very small to those serving millions of customers. The customer does not worry about the infrastructure needed to run the services and is billed in per usage model.
Infrastructure as a service (IaaS) allows users access to virtually unlimited resources to build and manage their own virtual network. Customers can commission and decommission virtual resources depending on their need. The most obvious benefit is that there is no end-of-life for hardware anymore for the customers. The providers move them according to their service level from hardware to hardware without any downtime.
The common user benefit of services available through a cloud is access to key resources via the Internet, which provides an incredible degree of scaling without the need to invest in expensive hardware infrastructure.
Cloud applications are highly exposed to threats
Accessing cloud technologies requires a thin-client, and the world’s most commonly used thin-client for this purpose is a web browser. This means the vast majority of all applications on the Internet have some kind of web and / or application server on which the business logic is implemented. Currently, most of the money spent on security goes into firewalls and antivirus solutions, but in the last 10 years the typical target for attacks has shifted from the network layer to the application layer because the operating systems and services available to the general public were cut down. As a result, it is now easier to target the application logic or framework of an application than the actual server behind the hardened network perimeter. Applications are mostly developed by the businesses themselves and not every developer considers security the highest priority, which leads to a wide variety of problems.