Protect applications from malicious and unwanted internet traffic with a cloud-based, PCI-compliant, global web application firewall service. By combining threat intelligence with consistent rule enforcement on Oracle Flexible Load Balancer, Oracle Cloud Infrastructure Web Application Firewall strengthens defenses and protects internet-facing application servers and internal applications.
Adopt a layered defense (edge and in-region) security strategy with a web application firewall that aggregates threat intelligence from multiple sources including WebRoot BrightCloud® and more than 250 predefined OWASP, application, and compliance-specific rules.
Protect applications deployed in Oracle Cloud Infrastructure, on-premises, and in multicloud environments with access controls based on geolocation data, whitelisted and blacklisted IP addresses, HTTP URL, and HTTP header.
Identify and block malicious bot traffic with an advanced set of verification methods, including JavaScript, CAPTCHA, device fingerprinting, and human interaction algorithms.
Obtain the flexibility to enforce WAF protection at the OCI edge closest to end users, as well as on internal and external load balancers closest to OCI applications. Protects the application infrastructure and workloads no matter where they reside: in OCI, on-premises, multicloud, and anywhere in between.
Monitor and detect malicious HTTP and HTTPS traffic sources to safeguard Fusion Applications, workloads, APIs, and critical data from distributed denial-of-service and common web attacks, including the OWASP Top 10 vulnerability risks. By including Oracle Cloud Infrastructure WAF as part of Fusion security, we are further extending our existing defense-in-depth architecture to SaaS applications.
Evaluate Oracle Cloud Infrastructure Web Application Firewall today. OCI customers, excluding Government customers, will not be charged for the first WAF instance and usage up to 10 million requests per month. In addition, OCI customers, excluding Government customers, get one flexible load balancer instance and the first 10 Mbps of load balancer bandwidth for free.
Discover how customers use Oracle Cloud Infrastructure Web Application Firewall.
Gopi Gopalakrishnan, Senior Product Manager, Oracle Cloud Infrastructure
We are committed to being a reliable partner by providing a highly secure platform and native security services to help protect your applications. Oracle Cloud Infrastructure Web Application Firewall (WAF) is one such critical service and an important part of the broader security posture of your application. Today, we are excited to announce the general availability of OCI WAF enforcement on Flexible Load Balancer service. With this enhancement, you can now directly apply and enforce OCI WAF protection on your Flexible Load Balancer (both Public and Private) instances in addition to WAF edge enforcement on your web applications.
Read the complete postBuild, test and deploy applications on Oracle Cloud—for free. Sign up once, get access to two free offers.
Get the latest documentation for Oracle Cloud Infrastructure Web Application Firewall.
Cloud Customer Connect is Oracle's premier online cloud community. With more than 200,000 members, it's designed to promote peer-to-peer collaboration and sharing of best practices, product updates, and feedback.
Oracle University provides training and certification organizations can rely on to ensure success, all delivered in a choice of formats.
Five Reasons Why You Need a Cloud-Based Web Application Firewall.
Read the architecture technical paper.
Oracle Cloud Infrastructure Web Application Firewall report.
Learn more about Oracle Cloud Infrastructure Security differentiators.