Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Difference between WAF and DAM process.

    Posted 03-20-2023 02:54

    Dear Team,

    Can anyone clarify for me the difference between WAF and DAM Process in a simple way?

    Also the traffic flow chart for both the waf and DAM process.

    Waiting for your reply.


    #AllImperva

    ------------------------------
    Sagar E
    Consultant
    Quoinx Technologies Pvt Limited
    Mumbai
    ------------------------------


  • 2.  RE: Difference between WAF and DAM process.

    Posted 03-20-2023 18:31
    Edited by Philip Acton 03-20-2023 18:38

    Hi Folks,

    This would be the breakdown of the Imperva Waf and DAM traffic flow and how you should expect it the breakdown will also answer your question regarding the difference between the Imperva WAF and Imperva DAM.

    This also is a very basic flow and high level overview.

    Imperva WAF Traffic Flow:

    1. User (client) sends a request to access a web application.
    2. The request passes through the Imperva WAF after load balancer or external firewall.
    3. The WAF analyses the request and determines if it is malicious or not (usually via policies created by WAF administrator).
    4. If the request is determined to be malicious, the WAF blocks the request and logs the event.
    5. If the request is legitimate, it is forwarded to the web application.
    6. The web application processes the request and sends a response.
    7. The response passes through the Imperva WAF.
    8. The WAF analyses the response and determines if it contains any malicious content.
    9. If the response is determined to be malicious, the WAF blocks the response and logs the event.
    10. If the response is legitimate, it is forwarded to the user.

    Imperva DAM Traffic Flow:

    1. A user or application sends a request to access a database.
    2. The request passes through the Imperva DAM.
    3. The DAM analyses the request and determines if it is authorized or not.
    4. If the request is authorized, it is forwarded to the database.
    5. The database processes the request and sends a response.
    6. The response passes through the Imperva DAM.
    7. The DAM analyses the response and determines if it contains any sensitive data or policy violations.
    8. If the response contains sensitive data or policy violations, the DAM logs the event and alerts security personnel.
    9. If the response is legitimate, it is forwarded to the user or application.

    In summary, the traffic flow for Imperva WAF focuses on analysing and blocking malicious web traffic to protect web applications, while the traffic flow for Imperva DAM focuses on analysing database activity and detecting unauthorized access and data breaches.



    ------------------------------
    Philip Acton
    ------------------------------



  • 3.  RE: Difference between WAF and DAM process.

    Posted 03-21-2023 03:54

    Thanks, Philip for your answer.



    ------------------------------
    Sagar E
    Consultant
    Quoinx Technologies Pvt Limited
    Mumbai
    ------------------------------