Using the Web Application Firewall (WAF), also known as reverse proxy, Sophos UTM lets you protect your webservers from attacks and malicious behavior like cross-site scripting (XSS), SQL injection, directory traversal, and other potent attacks against your servers. You can define external addresses (virtual webservers) which should be translated into the "real" machines in place of using the DNATDestination Network Address Translation rule(s). From there, servers can be protected using a variety of patterns and detection methods. In simpler terms, this area of Sophos UTM allows the application of terms and conditions to requests which are received and sent from the webserver. It also offers load balancing across multiple targets.