Security Basics mailing list archives

Re: RE: Firewalls and PCI

From: cstubbs () gmail com
Date: 16 Jan 2008 23:47:46 -0000

There's certainly cross over between the two, however I would have to say an application firewall should be more like a 
proxy with inspection/correction capabilities based on application knowledge. Less like a traffic interception and 
attack response device which is what an IPS is.

If it's a true application firewall it should also sit above transport security layers such as SSL/TLS in order to 
fully inspect everything that's about to be processed by the application.

Current thread:

RE: Firewalls and PCI, (continued)
- - RE: Firewalls and PCI Jason Alexander (Jan 16)
- Re: Re: Firewalls and PCI evilwon12 (Jan 16)
  - Re: Re: Firewalls and PCI Josh Haft (Jan 16)
    - Message not available
    - Re: Firewalls and PCI Lyle Worthington (Jan 17)
    - RE: Re: Firewalls and PCI Honer, Lance (Jan 18)
    - Re: Re: Firewalls and PCI Josh Haft (Jan 18)
    - RE: Re: Firewalls and PCI Scott Williamson (Jan 18)
    - RE: Re: Firewalls and PCI Honer, Lance (Jan 18)
    - Re: Re: Firewalls and PCI Josh Haft (Jan 18)
    - RE: Firewalls and PCI Kevin Ortloff (Jan 18)
- Re: RE: Firewalls and PCI cstubbs (Jan 16)
- Re: RE: Firewalls and PCI Elizabeth Tolson (Jan 17)
  - RE: RE: Firewalls and PCI Abimbola, Abiola (Jan 17)
- Re: Firewalls and PCI David Glosser (Jan 17)