Web application firewall (WAF)

Protect web applications from common web exploits.

AWS provides a data center and network architecture built to meet even the most security-sensitive requirements. Businesses are responsible for securing services built on this infrastructure, notably network traffic from remote networks.

WAFs secure the application layer by protecting web-facing applications from automated and targeted attacks. Securing applications against these exploits helps ensure application availability and minimizes the risk of an attacker using an application as an entry point into the entire system.

Web application firewall (WAF)


F5 Networks

By implementing F5 Advanced WAF between applications and end users, businesses can decrypt and inspect all traffic before it enters the network or reaches the server in the cloud. The WAF will then use advanced detection and mitigation techniques to prevent customer data from being accessed, manipulated, or stolen.

F5 Advanced WAF provides advanced layer 7 (L7) security, protecting against L7 Denial of Service (DoS) attacks, malicious bot traffic, Open Web application Security Project (OWASP) Top 10 threats, and much more. F5 Advanced WAF helps businesses meet their security responsibility, with near real-time updates that maintain parity between data on-premise and in the cloud.

  • Compliance: F5 Advanced WAF ensures compliance with all major regulatory standards, including the Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA), and Federal Financial Institutions Examination Council (FFIEC).
  • Automated learning: Using automatic learning capabilities, dynamic profiling, unique anomaly detection methods, and risk-based policies, F5 Advanced WAF can impose additional policies to prevent the most sophisticated attacks from reaching applications.
  • Dynamic reporting: F5 Advanced WAF provides reporting capabilities that allow you to easily analyze incoming requests, track trends in violations, generate security reports, evaluate possible attacks, and make informed security decisions.

Here’s an architectural view of a typical F5 WAF deployment on AWS:

F5 Networks
Alberta Motor Association

Alberta Motor Association uses F5 to extend security policies to the cloud

The Alberta Motor Association wanted to ensure that their AWS-hosted applications were protected against attacks by using behavioral analytics, proactive bot defense, and application-layer encryption of sensitive data. Alberta Motor Association chose F5 Advanced WAF to provide that protection.

Alberta Motor Association moved to AWS in order to increase deployment speed while also decreasing time to market and boosting efficiency. By implementing F5 Advanced WAF from AWS Marketplace, Alberta Motor Association maintained the same robust security policies it uses on-premise so that its entire infrastructure can remain safe.

Chris MacKinnon's quote
The whole reason we’re able to deliver the same level of security in the cloud as we did on-premise is because we have such a high level of confidence in F5’s WAF. We went through a series of vulnerability assessments and penetration testing with the WAF activated—and every time we passed with an excellent rating.
- Chris MacKinnon, Network/Security Analyst, Alberta Motor Association
AWS Marketplace

AWS Marketplace is a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.