We’re sorry. We could not find a match for your search.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Start a new search.
Contact Us Sign in to Oracle Cloud

Oracle Web Application Firewall (WAF)

Protect applications from malicious and unwanted internet traffic with a cloud-based, PCI-compliant, global web application firewall service. By combining threat intelligence with consistent rule enforcement on Oracle Flexible Load Balancer, Oracle Cloud Infrastructure Web Application Firewall strengthens defenses and protects internet-facing application servers and internal applications.

Watch a demonstration of OCI Web Application Firewall (5:25)

WAF features

Integrated threat intelligence

Adopt a layered defense (edge and in-region) security strategy with a web application firewall that aggregates threat intelligence from multiple sources including WebRoot BrightCloud® and more than 250 predefined OWASP, application, and compliance-specific rules.


Extensive policy controls

Protect applications deployed in Oracle Cloud Infrastructure, on-premises, and in multicloud environments with access controls based on geolocation data, whitelisted and blacklisted IP addresses, HTTP URL, and HTTP header.


Active bot management

Identify and block malicious bot traffic with an advanced set of verification methods, including JavaScript, CAPTCHA, device fingerprinting, and human interaction algorithms.


Flexible enforcement

Obtain the flexibility to enforce WAF protection at the OCI edge closest to end users, as well as on internal and external load balancers closest to OCI applications. Protects the application infrastructure and workloads no matter where they reside: in OCI, on-premises, multicloud, and anywhere in between.


Protect Fusion Applications from web exploits

Monitor and detect malicious HTTP and HTTPS traffic sources to safeguard Fusion Applications, workloads, APIs, and critical data from distributed denial-of-service and common web attacks, including the OWASP Top 10 vulnerability risks. By including Oracle Cloud Infrastructure WAF as part of Fusion security, we are further extending our existing defense-in-depth architecture to SaaS applications.

Simplified and flexible pricing

Evaluate Oracle Cloud Infrastructure Web Application Firewall today. OCI customers, excluding Government customers, will not be charged for the first WAF instance and usage up to 10 million requests per month. In addition, OCI customers, excluding Government customers, get one flexible load balancer instance and the first 10 Mbps of load balancer bandwidth for free.


Oracle Web Application Firewall successes

Discover how customers use Oracle Cloud Infrastructure Web Application Firewall.

Covanta logo
IdentityMind logo
Covanta logo

Global Energy-From-Waste Firm taps OCI for Secure PeopleSoft migration.

Read the story (PDF)
October 28, 2021

Announcing OCI WAF Protection on Flexible Load Balancers

Gopi Gopalakrishnan, Senior Product Manager, Oracle Cloud Infrastructure

We are committed to being a reliable partner by providing a highly secure platform and native security services to help protect your applications. Oracle Cloud Infrastructure Web Application Firewall (WAF) is one such critical service and an important part of the broader security posture of your application. Today, we are excited to announce the general availability of OCI WAF enforcement on Flexible Load Balancer service. With this enhancement, you can now directly apply and enforce OCI WAF protection on your Flexible Load Balancer (both Public and Private) instances in addition to WAF edge enforcement on your web applications.

Read the complete post

Featured blogs

View all

WAF resources

Cloud readiness

Oracle Cloud Free Tier

Build, test and deploy applications on Oracle Cloud—for free. Sign up once, get access to two free offers.

Documentation

Oracle Cloud Infrastructure Web Application Firewall

Get the latest documentation for Oracle Cloud Infrastructure Web Application Firewall.

Customer community

Join a community of peers

Cloud Customer Connect is Oracle's premier online cloud community. With more than 200,000 members, it's designed to promote peer-to-peer collaboration and sharing of best practices, product updates, and feedback.

Cloud learning

Develop Oracle Cloud Security skills

Oracle University provides training and certification organizations can rely on to ensure success, all delivered in a choice of formats.

Related content

Oracle Cloud Infrastructure Web Application Firewall Datasheet

Learn more about the Oracle Web Application Firewall and why web application security has become a must-have for every organization that does business over the internet.

Five Reasons Why You Need a Cloud-Based Web Application Firewall

See the five main reasons why many organizations are adopting cloud-based WAF solutions.

Additional areas of interest:

Isolated Network Virtualization

See more about the SmartNIC to protect the network

Autonomous Linux

Get to know about the world’s first autonomous OS

Compliance

Learn how Oracle Cloud Infrastructure is addressing global compliance concerns

Oracle Cloud Infrastructure Regions

See Oracle Cloud Infrastructure Data Center Regions

Get started with WAF


Technical Report

Five Reasons Why You Need a Cloud-Based Web Application Firewall.

Read the report (PDF)

Oracle Cloud Infrastructure Security

Read the architecture technical paper.

Read now (PDF)

Oracle Cloud Infrastructure

Oracle Cloud Infrastructure Web Application Firewall report.

Read the report (PDF)

Oracle Cloud Infrastructure Security Differentiators

Learn more about Oracle Cloud Infrastructure Security differentiators.

Read now (PDF)