AWS WAF Primary Use Case
There are two things that we primarily use AWS WAF (Amazon Web Services Web Application Firewall) for. One use is within the company. Within the company, the intended use is to deploy our applications. It is like working with the cloud. We can start an application in S3 (Simple Storage Service), and use profiles for access to data.
The other use is that most of our clients use a similar infrastructure. They are either using AWS, Azure or maybe Google Cloud Platform (GCP). We deploy this solution for them.
Both uses are different. One is for the cloud solutions like AWS, Azure and GCP, and one is for the local server access. That is how you want to secure a server. You are securing a server, database, app servers, and ATA gateways. The other one is for implementing security for the AWS. You want to have both running side-by-side.
Let me give you an example. Suppose, most of the people working for your company are connected from external locations with company-provided laptops or systems. I want to check all devices to make sure that they are being used in a secure way and not creating any breach of security. Those checks cannot be taken care of reliably from the AWS perspective. This is why you need two solutions.
A primary use case example is when a customer from the cloud wants to expose his applications to the internet. We make sure that the clients, the applications, whatever they're trying to export, are public but that it's not going directly public. We make a backup, for instance, to protect the sellers and applications from security checks, etc.
The regular use case is basically for blocking or giving access to different vendors to different domains. We also use it for managing and identifying the attacks and new rules that we should implement for our public domains to tune up the application firewall or tool, whatever makes more sense for us.
We're using it through the web console and API. We're just using the managed service.View full review »
Engineer at a renewables & environment company with 1,001-5,000 employees
At the moment, it's just myself working with AWS WAF in my company, and our use case for it is normal, or what you would expect from a Web Application Firewall. That includes basic DoS blocking and malicious IP address blocking. It's not a big thing for us, and just takes care of our baseline security.
AWS Security Specialist at a tech services company with 501-1,000 employees
We use this solution for online web applications.View full review »
Solution Architect at a non-profit with 10,001+ employees
While I cannot say for certain, I believe that we are using the latest version.
Principal Cloud Architect at a tech services company with 51-200 employees
We use AWS WAF to prevent cyberattacks, such as SQL Injection attacks and cross-site scripting attacks. The end users' traffic has more threats and the web application gives good support.View full review »
President at a tech services company with 1-10 employees
My whole business is cloud cost management. What I do is help people manage expenses. That encompasses everything from cleaning up software as a service subscriptions to optimizing AWS. My use cases for AWS WAF have to do with cloud research only.View full review »
Cloud architect at a tech vendor with 1-10 employees
We use this product for our web application firewall. It is used for production services.
I am not a direct customer but I have installed it for one of my clients.View full review »
I primarily use the solution as a gateway service and a transaction portal.View full review »
IT Auditor & Compliance Officer at a tech vendor with 51-200 employees
We are using AWS WAF for business purposes for clients. We host our client's platforms on AWS WAF.View full review »