Penetration Testing mailing list archives
Re: Question re: load balancers as a security device
From: bugtraq () cgisecurity net
Date: Wed, 23 Jan 2008 22:13:03 -0500 (EST)
While I'm not promoting it for a security solution some load balancers do support URL based filtering (Netscalers). This can be useful for *very specific* web worms/abuses however is not a WAF (which I'm not promoting :p) Regards, - Robert http://www.cgisecurity.com/ Application Security news and more http://www.webappsec.org/ The Web Application Security Consortium
kevin horvath escreveu:Load balancers do not provide any type of security. Load balancers will only distribute the traffic and not deny it. If your ISP manages all the security devices between you and the hosting facility then at a minimum you will want to put an additional firewall on your side so you can have some control of what accesses your network over this site to site tunnel. This will probably be easier (politically not technically) in a lager company.Some Load Balancers include IPS in their devices with additional license. Examples: Radware: LinkProof and AppDirector --> www.radware.com Nortel: NAS (Nortel Application Switch - Older Alteon) Regards, Marcos Pitanga ------------------------------------------------------------------------ Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.qasec.com/ ------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Question re: load balancers as a security device dan . tesch (Jan 22)
- Re: Question re: load balancers as a security device Matthew Leeds (Jan 23)
- Re: Question re: load balancers as a security device Justin Ferguson (Jan 23)
- Re: Question re: load balancers as a security device kevin horvath (Jan 23)
- Re: Question re: load balancers as a security device Marcos Pitanga (Jan 23)
- Re: Question re: load balancers as a security device bugtraq (Jan 25)
- Re: Question re: load balancers as a security device Marcos Pitanga (Jan 23)
- Re: Question re: load balancers as a security device Roland Dobbins (Jan 23)
- Re: Question re: load balancers as a security device Timothy Shea (Jan 25)
- Re: Question re: load balancers as a security device Roland Dobbins (Jan 28)
- Re: Question re: load balancers as a security device Robert E. Lee (Jan 29)
- Re: Question re: load balancers as a security device Timothy Shea (Jan 25)
- Re: Question re: load balancers as a security device Sanjay R (Jan 23)
- Re: Question re: load balancers as a security device David Howe (Jan 25)
- Re: Question re: load balancers as a security device Dotzero (Jan 25)
- <Possible follow-ups>
- Re: Question re: load balancers as a security device David Glosser (Jan 23)