Web Application Firewall or WAF helps protect web applications by monitoring HTTP and filtering traffic between the Internet and a web application. A WAF is a protocol layer 7 defense, it is not designed to defend all types of attacks. The value of a WAF comes in part from the policy modification that can be implemented with speed and ease, as it allows for faster response to varying attack vectors. WAFs are implemented one of three different ways, each with its own benefits and shortcomings: network-based, host-based and cloud-based.”]
Source: https://hackercombat.com/knowledge-base/web-application-firewall-waf-what-it-does/