Azure Application Gateway (AG) is a kind of load balancer that operates at OSI layer 7, which allows us to manage traffic to our web applications. AGs have a lot of useful capabilities, including but not limited to redirection, session affinity, custom error pages, URL-based routing, and web application firewall (WAF). With newer SKUs, such as WAF v2, we can get even more features. One of these features is custom WAF policy support, which allows us to associate a standalone custom policy with a specific Application Gateway listener. In this post, we will look at the WAF v2 tier of the Azure Application Gateway and how we can integrate a custom WAF policy with it.