Closed ljliu2k closed 6 years ago
@ljliu2k Thanks for the feedback! I have assigned the issue to the content author to evaluate and update as appropriate.
@ljliu2k Thanks. I updated the FAQ.
@ljliu2k We will now close this issue. If there are further questions regarding this matter, please reply to @femsulu and we will gladly continue the discussion.
The feedback is to this doc - https://docs.microsoft.com/en-us/azure/application-gateway/application-gateway-faq The No answer to "does WAF also support DDoS prevention" is causing confusion, as it contradicts to couple other Azure DDoS Protection documents that describe AppGW WAF protects Layer 7 DDoS.
Here are couple examples: 1) https://docs.microsoft.com/en-us/azure/virtual-network/ddos-protection-overview
"Resource (application) layer attacks: These attacks target web application packets, to disrupt the transmission of data between hosts. The attacks include HTTP protocol violations, SQL injection, cross-site scripting, and other layer 7 attacks. Use the Azure Application Gateway web application firewall, with DDoS Protection Standard, to provide defense against these attacks. There are also third-party web application firewall offerings available in the Azure Marketplace."
2) https://docs.microsoft.com/en-us/azure/security/azure-ddos-best-practices
Web application firewall for resource attacks Specific to resource attacks at the application layer, you should configure a web application firewall (WAF) to help secure web applications. A WAF inspects inbound web traffic to block SQL injections, cross-site scripting, DDoS, and other Layer 7 attacks. Azure provides WAF as a feature of Application Gateway for centralized protection of your web applications from common exploits and vulnerabilities. There are other WAF offerings available from Azure partners that might be more suitable for your needs via the Azure Marketplace.
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.