Date Added: Jul 2009
To protect an organisation from attacks on their IT infrastructure, perimeter firewalls are nowadays means of standard protective measures. Attacks on the application layer (e.g. web applications) cannot be effectively prevented by those systems as HTTP and HTTPS requests usually pass the firewalling mechanisms unaltered and are forwarded directly to the web server. Web application firewalls therefore operate on a higher network layer seeking to prevent application level attacks by analysing the user data transmitted via HTTP or HTTPS.