You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Oracle's Web Application Firewall - architecture

Received Response
51
Views
1
Comments
edited May 31, 2019 4:27PM in OCI - General 1 comment

Summary

Does the WAF inspects/filters out the server's response before it is sent to the client?

Content

I was wondering if the WAF filters out only suspicious requests made by the client, or in addition to inspecting the incoming requests, the WAF is going to check the response made by the server before it is sent to the client.

It is obvious that the diagram below holds:
Client --request--> --WAF--> --request--> Server

The question is whether the following holds as well:
Client <--response-- <--WAF-- <--response-- Server

Thanks in advance!

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!