Re: [Pauldotcom] Suggestions on a Web App firewall?

Wed, 10 Feb 2010 17:51:11 -0800 

If your budget is big enough, I'm extremely partial to Citrix Netscalers for 
this kind of thing.  Seen two of them paired up doing inspection on a 100 meg 
circuit that got maxed out, and their utilization was only 10 percent.  They 
have awesome security features too like SQL injection guards.

----- Original Message -----
From: [email protected] 
<[email protected]>
To: PaulDotCom Security Weekly Mailing List <[email protected]>
Sent: Wed Feb 10 15:50:40 2010
Subject: [Pauldotcom] Suggestions on a Web App firewall?

It's been over three years since I've been hands on any firewalls that
have web app capabilities... so I'm going to open this up to folks
like you.  Yes you.  You seem very nice and trust-able.

Do you have any suggestions on web application firewalls?
Specifically, I'm looking for something appliance based and (sorry to
use this term) enterprise-y (specifically, as in nice centralized
management for multiple nodes, etc).

What are some products I should review?  If you provide a name, please
let me know what you like about it.  Are there ones I should avoid?



Thanks for your help!
- Mick

PS: please don't mention host based software options like mod_security
(for apache) or eEye's whatchamacallit for IIS.  We have host based
solutions already.  We want/need inline network devices in this
instance...  I don't care what GDead (Bruce from Shmoo Group) said...
I still think security-in-depth is a worthy goal.   ;-)
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com


******************************************************************************
This email contains confidential and proprietary information and is not to be 
used or disclosed to anyone other than the named recipient of this email, 
and is to be used only for the intended purpose of this communication.
******************************************************************************
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Reply via email to