PaulDotCom mailing list archives
Suggestions on a Web App firewall?
From: Russell.Butturini at Healthways.com (Butturini, Russell)
Date: Wed, 10 Feb 2010 16:52:15 -0600
If your budget is big enough, I'm extremely partial to Citrix Netscalers for this kind of thing. Seen two of them paired up doing inspection on a 100 meg circuit that got maxed out, and their utilization was only 10 percent. They have awesome security features too like SQL injection guards. ----- Original Message ----- From: pauldotcom-bounces at mail.pauldotcom.com <pauldotcom-bounces at mail.pauldotcom.com> To: PaulDotCom Security Weekly Mailing List <pauldotcom at mail.pauldotcom.com> Sent: Wed Feb 10 15:50:40 2010 Subject: [Pauldotcom] Suggestions on a Web App firewall? It's been over three years since I've been hands on any firewalls that have web app capabilities... so I'm going to open this up to folks like you. Yes you. You seem very nice and trust-able. Do you have any suggestions on web application firewalls? Specifically, I'm looking for something appliance based and (sorry to use this term) enterprise-y (specifically, as in nice centralized management for multiple nodes, etc). What are some products I should review? If you provide a name, please let me know what you like about it. Are there ones I should avoid? Thanks for your help! - Mick PS: please don't mention host based software options like mod_security (for apache) or eEye's whatchamacallit for IIS. We have host based solutions already. We want/need inline network devices in this instance... I don't care what GDead (Bruce from Shmoo Group) said... I still think security-in-depth is a worthy goal. ;-) _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com ****************************************************************************** This email contains confidential and proprietary information and is not to be used or disclosed to anyone other than the named recipient of this email, and is to be used only for the intended purpose of this communication. ****************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20100210/6c523155/attachment.htm
Current thread:
- Suggestions on a Web App firewall? Michael Douglas (Feb 10)
- Suggestions on a Web App firewall? Raffi Jamgotchian (Feb 10)
- Suggestions on a Web App firewall? Tidball, Christopher (Feb 11)
- <Possible follow-ups>
- Suggestions on a Web App firewall? Butturini, Russell (Feb 10)
- Suggestions on a Web App firewall? Robert Wahl (Feb 12)
- Suggestions on a Web App firewall? Raffi Jamgotchian (Feb 10)