Transcript
A (0:02)
You're listening to the Cyberwire Network, powered by N2K. Most security conferences talk about Zero Trust. Zero Trust World puts you inside. This is a hands-on cybersecurity event designed for practitioners who want real skills, not just theory. You'll take part in Live Hacking Labs where you'll attack real environments, see how modern threats actually work, and learn how to stop them before they turn into incidents. But Zero Trust World is more than labs. You'll also experience expert-led sessions, practical case studies, and technical deep dives focused on real-world implementation. Whether you're blue team, red team, or responsible for securing an entire organization, the content is built to be immediately useful. You'll earn CPE credits, connect with peers across the industry, and leave with strategies you can put into action right away. Join us March 4th through the 6th in Orlando, Florida. Register now at ZTW.com and take your Zero Trust strategy from theory to execution.
B (1:28)
The word is: Web application firewall.
Spelled: Web as in the Internet, application as in a software program, and firewall as in a barrier between two networks that can limit network traffic between the two sides.
Definition: A layer 7 firewall designed to block threats at the application layer of the Open System Interconnection model, the OSI model.
Example sentence: With a web application firewall, or WAF, firewall administrators can make rules like the marketing group can go to Facebook, but the sales group can't.
Origin and context: In 1988, Jeff Mogul, Brian Reid, and Paul Vixie, working for Digital Equipment Corporation, conducted the first research on firewall technology. This was the first generation of firewall architecture. Between 1989 and 1990, Dave Presotto and Howard Trickey of Bell Laboratories pioneered the second generation with their research in circuit relays. They also implemented the first working model of the third generation firewall architecture, known as application layer firewalls. Between 1990 and 1991, Gene Spafford of Purdue University, Bill Cheswick of Bell Labs, and Marcus Ranum independently researched application layer firewalls. These eventually evolved into next generation firewalls many years later. In 1992, Digital Equipment Corporation shipped DEC SEAL, the first commercial firewall, and included proxies developed by Marcus Ranum. In 1994, Check Point Software released the first stateful inspection commercial firewall, a layer 3 firewall. Layer 3 refers to the OSI model, meaning that firewall administrators can make rules based on IP addresses, ports, and protocols. In 1994, William Cheswick and Steve Bellovin published Firewalls and Internet Security: Repelling the Wily Hacker, the first book on firewalls as a technology. They called it a circuit level gateway and packet filtering technology.
Interestingly, their ideas came from the desire not to keep intruders out of their networks, but to keep employees from going to bad places on the Internet. Palo Alto Networks launched the first next generation firewall in 2007, a firewall that not only does stateful inspection at layer 3, but more importantly allows rules at the application layer, layer 7. Firewall administrators could not only block network traffic to and from bad IP addresses, but also could block access to applications tied to the authenticated user. By the 2010s, some firewalls had morphed into giant orchestration engines. In other words, instead of deploying multiple independent security tools in line at the perimeter that the infosec teams had to manage and orchestrate separately, the next generation firewall became a Swiss army knife of security tools. One box, either hardware or software, that could do layer 3 policy, layer 7 policy, intrusion detection, anti-malware, XDR, etc. By the late 2010s, the secure web gateway emerged as a simpler firewall that abandoned the orchestration engine idea and just performed layer 7 policy functions, but specifically for endpoint user web traffic. Firewall administrators can make rules for URL filtering, malicious code detection, and application controls for popular web-based applications such as instant messaging and Skype. In contrast, web application firewalls can do most of the same things as secure web gateways, plus some basic heuristics and anomaly detection to prevent exploitation of application vulnerabilities.
Nerd reference: In 2015, Bill Cheswick presented at the Vintage Computer Federation conference and talked about some of the early days of computer security when he took a job at the famous Bell Labs in the 1980s and worked for some computer science legends like Dennis Ritchie, the co-creator of the C programming language and the Unix operating system written in C, with colleagues Ken Thompson, Brian Kernighan and Rob Pike, and he talked about how his experiments with proto-firewalls protected Bell Labs from the infamous Morris worm in the late 1980s.