Web Security Manager web application firewall is installed in the network between the network firewall and the web server. It is a filtering reverse proxy that terminates all client requests validates them and, if benign, re-issues the requests to the protected web servers on behalf of the clients.

This means that the client (from the Internet) sees Web Security Manager as the web server that serves requests to the protected web site and the protected web server only communicates directly with Web Security Manager.