Check out Breach's Web Defend WAF (http://www.breach.com/products/webdefend.html). This is an enterprise solution with appliances that can scale depending on traffic volume. It has a very nice management interface and can be deployed in-line or out-of-line. It does not require other hardware to be in place like f5. You may also want to check out Apache mod_security. Not appliance based, but has some good capabilities. Chris
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Raffi Jamgotchian Sent: Wednesday, February 10, 2010 6:21 PM To: PaulDotCom Security Weekly Mailing List Subject: Re: [Pauldotcom] Suggestions on a Web App firewall? Mick, check out Fortinet's Fortiweb; http://www.fortinet.com/products/fortiweb/1000B.html They also have a separate product for Database security: http://www.fortinet.com/products/fortidb/ I think they would be considered enterprise-y On Feb 10, 2010, at 4:50 PM, Michael Douglas wrote: > It's been over three years since I've been hands on any firewalls that > have web app capabilities... so I'm going to open this up to folks > like you. Yes you. You seem very nice and trust-able. > > Do you have any suggestions on web application firewalls? > Specifically, I'm looking for something appliance based and (sorry to > use this term) enterprise-y (specifically, as in nice centralized > management for multiple nodes, etc). > > What are some products I should review? If you provide a name, please > let me know what you like about it. Are there ones I should avoid? > > > > Thanks for your help! > - Mick > > PS: please don't mention host based software options like mod_security > (for apache) or eEye's whatchamacallit for IIS. We have host based > solutions already. We want/need inline network devices in this > instance... I don't care what GDead (Bruce from Shmoo Group) said... > I still think security-in-depth is a worthy goal. ;-) > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com This communication is the property of Qwest and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments. _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
