WebApp Sec mailing list archives
Re: web appliaction security products (AKA application firewalls)
From: securityarchitect () hush com
Date: Fri, 22 Nov 2002 10:09:45 -0800
I have only looked at them all in brief. When my management found out we were gonna stick a box between us and our customers that may stop a legitimate customer coming in it got dropped like a lead ballon. I have heard some horror stories of new applications coming online that aren't classically written that get blocked. One has problems with anything where you make changes in any way client-side (read if you have Javascript or vbscript avoid like the plague). The proxy based ones are in my opinion the worst idea. The throughput of them is pretty bad, they cant deal with load balancing well (cisco director ). They thruput issue is the big one. They are usually based on a single Linux box and so just don't scale. If you wanna see SSL they also have to decrypt ssl and so are effectively a choked router. If I were you and money is no object look at one of the new hardware based IDS's that do anomoly detection. When it sits on the network and knows the normalized packet characteristics, they pretty easily spot wierd behaviour. On Wed, 20 Nov 2002 00:21:21 -0800 Shimon Silberschlag <shimons () bll co il> wrote:
What is the group experience with these type of devices? Any good, bad or horror stories about using/maintaining them? Any specific recommendations? I know the charter doesn't really cater for discussion of commercial tools so please keep answers generic and objective Shimon Silberschlag +972-3-9352785 +972-51-207130
Get your free encrypted email at https://www.hushmail.com
Current thread:
- web appliaction security products (AKA application firewalls) Shimon Silberschlag (Nov 22)
- Re: web appliaction security products (AKA application firewalls) Skip Carter (Nov 23)
- Re: web appliaction security products (AKA application firewalls) Kevin Spett (Nov 23)
- RE: web appliaction security products (AKA application firewalls) Fernando Martins (Nov 24)
- Re: web appliaction security products (AKA application firewalls) Jason Childers (Nov 24)
- Re: web appliaction security products (AKA application firewalls) Bennett Todd (Nov 25)
- <Possible follow-ups>
- RE: web appliaction security products (AKA application firewalls) Lars Troen (Nov 24)
- Re: web appliaction security products (AKA application firewalls) Dave Aitel (Nov 24)
- Re: web appliaction security products (AKA application firewalls) securityarchitect (Nov 24)
- Re: web appliaction security products (AKA application firewalls) Dave Aitel (Nov 24)