Web Application Firewall vs. Container Firewall
Application containers provide an efficient way to deploy and manage applications, including web facing ones. But with containerization, securing applications has become even more challenging. I often get asked for the comparison of a web application firewall vs. container firewall. I also get asked about next generation firewalls (NGFW) vs container firewalls, and you can read this comparison here.
The short summary is that web application firewalls are special function devices or software designed to protect external access to web facing applications, while in contrast container firewalls protect all internal east-west traffic between containers while also including some of the protections of a WAF. Container firewalls also contain many other features, as discussed at the last section Continuous Container Security.
Protecting applications in a modern rapid deployment process requires security to be built into the entire cycle, from build, to ship, to run. Code scanning and image vulnerability scanning tools should be used before containers are even deployed to production. In a production environment, a combination of traditional security tools should be deployed with cloud-native container security tools.
Read the entire article here, Web Application Firewall vs. Container Firewall