Is WAF by default more secure or same as DNAT?

Question

Hi Community, 
 My question refers to WAF. 
 Is WAF without activated protection (i.e. the protection rule is issued) already more secure than simple DNAT? Or is it like DNAT? 
 The difference should be that the firewall makes the request instead of passing the ports directly.

Vishal_R · Accepted Answer

Hi Peter Lustig1

If there is no protection policy applied over WAF rule then it is more similar to DNAT rule only and the only difference is firewall makes connection to end local server with WAF rule - which you already mentioned.