Web application firewalls (WAF), like Riverbed SteelApp Web Firewall, have a specific purpose: to protect services from attacks that attempt to exploit vulnerabilities in web applications. While general purpose firewalls (both traditional and next-generation) may also provide a degree of such protection, they're typically intended for protecting enterprise networks. WAFs include additional protection capabilities that traditional enterprise firewalls lack, and concentrate these capabilities at the application layer.
