An application firewall inspects traffic destined for application servers to detect malicious or suspicious application requests. It can be configured to monitor, log and/or deny such requests.
Application firewalls usually understand the protocol underlying the communication between client and server, for example, HTTP. This enables the application firewall to intercept and inspect the protocol details and data payload of traffic passing through them.