I run a medium sized web site and am looking for a
firewall/application gateway solution to secure the
site. I am looking for something more than the typical
Checkpoint style packet filtering firewall though (we
already run a Checkpoint firewall). I'd prefer
something that can protect against malicious
manipulation of web applications, for example,
repeated attempts to log into the site with
random passwords, or malicious data in a posted form,
or cookie reverse eng. These attacks pass right
through the open http port on the packet filter or
application gateway firewall.
Basically, I need something that secures applications
by enforcing security policy at the application layer
through _semantic_ rules. For example, a browser will
not be allowed to GET a url that was never sent to it
in some html response earlier. Or POST a form with
hidden fields changed, or send back a cookie that was
not issued to it by the server etc.
Performance is fairly important -- we get a few
hundred requests per second at peak load and the
firewall must be able to handle that.
Thanks for any leads in this space,
M
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
