Web application firewall (WAF)

A web application firewall (WAF) helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

While AWS provides a data center and network architecture built to meet the requirements of the most security-sensitive organizations, you are responsible for securing services built on this infrastructure, notably network traffic from remote networks.

WAFs secure the application layer by protecting web-facing applications from automated and targeted attacks. Securing applications against these exploits helps ensure application availability and minimizes the risk of an attacker using your application as an entry point into your entire system.

Web application firewall (WAF)


F5 Networks

By implementing F5 Web Application Firewall (WAF) between your applications and the end users, you can decrypt and inspect all traffic before it enters the network or reaches the server in the cloud. The WAF will then use advanced detection and mitigation techniques to prevent customer data from being accessed, manipulated, or stolen.

F5 WAF provides advanced layer 7 (L7) security, protecting against L7 Denial of Service (DoS) attacks, malicious bot traffic, Open Web application Security Project (OWASP) Top 10 threats, and much more. F5 WAF helps you meet your security responsibility, with near real-time updates that maintain parity between data on-premises and in the cloud.

  • Compliance: F5 WAF helps ensure compliance with all major regulatory standards, including the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and accountability Act (HIPAA), and Federal Financial Institutions Examination Council (FFIEC).
  • Automated learning: Using automatic learning capabilities, dynamic profiling, unique anomaly detection methods, and risk-based policies, BIG-IP Application Security Manager (ASM) can impose additional policies to prevent the most sophisticated attacks from reaching applications.
  • Dynamic reporting: BIG-IP ASM provides reporting capabilities that allow you to easily analyze incoming requests, track trends in violations, generate security reports, evaluate possible attacks, and make informed security decisions.

Here’s an architectural view of a typical F5 WAF deployment on AWS:

F5 Networks
Alberta Motor Association

Alberta Motor Association uses F5 to extend security policies to the cloud

The Alberta Motor Association wanted to ensure that their AWS-hosted applications were protected against attacks by using behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Alberta Motor Association chose F5 WAF to provide that protection.

Alberta Motor Association moved to AWS in order to increase deployment speed while also decreasing time to market and boosting efficiency. By implementing F5 from AWS Marketplace, Alberta Motor Association maintained the same robust security policies it uses on-premises so that its entire infrastructure can remain safe.

Chris MacKinnon's quote
The whole reason we’re able to deliver the same level of security in the cloud as we did on-premises is because we have such a high level of confidence in F5’s WAF. We went through a series of vulnerability assessments and penetration testing with the WAF activated—and every time we passed with an excellent rating.
- Chris MacKinnon, Network/Security Analyst, Alberta Motor Association
AWS Marketplace

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.

Transit VPC

A transit Virtual Private Cloud (VPC) connects multiple VPCs and remote networks in order to create a global network transit center.

Backup and recovery

Business continuity (BC) and disaster recovery (DR) technologies help businesses recover from a disaster and resume operations with as little disruption as possible.


Monitor events in your network for security threats and stop threats once detected.

Business continuity

Business continuity (BC) and disaster recovery (DR) technologies help businesses resume operations with as little disruption as possible.

High availability

Protect against data center, availability zone, server, network and storage subsystem failures to keep your business running without downtime.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.