The solution's description
The Web Application Firewall protects the web pages and web applications against the attackers who take advantage of the vulnerable spots of the applications and protocols in order to steal data or to change the appearance of the company's web pages.
It protects web applications against attacks like the denial of service attacks (DoS). Contrary to the traditional network firewalls, or detection penetration systems (IDS) that simply penetrate through HTTP, HTTPS or FTP operation into the web applications. The Web Application Firewall works as two-way proxy of this operation. It checks to see if the operation contains attacks and isolates the web servers from the direct access of the hackers. In addition, the Web Application Firewall eliminates the attacks executed by the intentional changes of the application's queries (e.g. disables the cookies' modifications).
Contrary to the detection penetration systems which only analyze the binary patterns, the Web Application Firewall takes over the entire operation system in place of the web server. It decodes the communication and drops the unauthorized characters or queries and normalizes data. In addition, the systems enable the protection against sensitive data abuse. Roughly 70 % of all reported attacks today are aimed at the application layer.