We are going to take a look at the most recent updates and changes in Azure Web Application Firewall (WAF). However, if you want to take a look at an overview of what WAF is first, you can see the product overview here and the regional and global differences along with the pricing structure here.
Recent WAF feature updates
- Regional & Global: Updated rule sets with the general availability release of Managed Default Rule Set 2.0 (DRS 2.0) integrated with Azure Front Door Premium tier and the general availability of Open Web Application Security Project (OWASP) ModSecurity Core Rule Set 3.2 (CRS 3.2) for the regional tier.
- Regional & Global: In both regional and global WAF, anomaly scoring has been introduced to reduce the number of false positives.
- Global: Since the general availability of DRS 2.0, the global tier supports content types including XML and JSON.
- Regional: Since the general availability of CRS 3.2, the size limits have increased. The regional tier supports file upload sizes up to 4GB and request body size inspection up to 2MB.
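
How anomaly scoring reduces false positives compared with blocking on the first rule match, as an added example that is not from the original post or from Microsoft. The severity weights (Critical 5, Error 4, Warning 3, Notice 2), the blocking threshold of 5, and the request and rule names are assumptions based on the OWASP CRS defaults, not values stated on this page.

```python
from collections import defaultdict

# Assumed OWASP CRS default severity weights and blocking threshold.
SEVERITY_SCORE = {"CRITICAL": 5, "ERROR": 4, "WARNING": 3, "NOTICE": 2}
BLOCK_THRESHOLD = 5

# Constructed sample data: one entry per rule match (not real WAF log output).
SAMPLE_MATCHES = [
    {"request": "req-1", "rule": "rule-A", "severity": "WARNING"},
    {"request": "req-2", "rule": "rule-B", "severity": "CRITICAL"},
    {"request": "req-3", "rule": "rule-A", "severity": "WARNING"},
    {"request": "req-3", "rule": "rule-C", "severity": "NOTICE"},
    {"request": "req-4", "rule": "rule-D", "severity": "NOTICE"},
]

def traditional_mode(matches):
    """Block every request that triggered at least one rule."""
    return {m["request"]: "BLOCK" for m in matches}

def anomaly_scores(matches):
    """Sum the severity weights of all rule matches per request."""
    scores = defaultdict(int)
    for m in matches:
        scores[m["request"]] += SEVERITY_SCORE[m["severity"]]
    return dict(scores)

def anomaly_mode(matches, threshold=BLOCK_THRESHOLD):
    """Block only requests whose accumulated score reaches the threshold."""
    return {req: "BLOCK" if score >= threshold else "ALLOW"
            for req, score in anomaly_scores(matches).items()}

def no_longer_blocked(matches):
    """Requests blocked in traditional mode but allowed under anomaly scoring."""
    before, after = traditional_mode(matches), anomaly_mode(matches)
    return sorted(r for r in before if after[r] == "ALLOW")

if __name__ == "__main__":
    for req, score in anomaly_scores(SAMPLE_MATCHES).items():
        print(req, score, anomaly_mode(SAMPLE_MATCHES)[req])
    print("allowed under anomaly scoring:", no_longer_blocked(SAMPLE_MATCHES))
```

A single low-severity match (req-1, req-4) no longer blocks the request, while one critical match (req-2) or several lesser matches that add up to the threshold (req-3) still do.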
Next Generation Engine
Along with the general availability of CRS 3.2 came the general availability of the next generation WAF engine on Azure Application Gateway. The benefits of this Microsoft proprietary engine include:
- Future feature updates not applied to any previous version
- Efficient RegEx processing providing better protection
- Increased scale with 8 times more RPS and the ability to process 16 times larger request sizes using the same compute power
- Increased performance with a large reduction to WAF latencies and P99 latencies
To make full use of these benefits, you need to upgrade to CRS 3.2. Customers on CRS 2.2.9 will continue to receive support.
Full details on the new engine are available in the Microsoft documentation here.