[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [WEB SECURITY] Comparisons of Web Application Firewalls
- From: "Brian Shura" <bshura@xxxxxxxxxxxxx>
- Subject: RE: [WEB SECURITY] Comparisons of Web Application Firewalls
- Date: Thu, 3 Jul 2008 12:07:01 -0500
------=_NextPart_000_000C_01C8DD05.4D53C650
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Ray,
You'll find some reviews/comparisons of WAFs in industry magazines, some of
which people have already given you the URLs for.
However, your best bet is to take these reviews with a grain of salt, talk
to some people in the industry to find out which WAFs people seem to think
are best, then bring in a couple of the most promising sounding products in
for an evaluation to see which one works best for your web applications.
The Web Application Firewall Evaluation Criteria should really help you
determine what you should be looking at during the evaluation:
http://www.webappsec.org/projects/wafec/ .
Keep in mind that the reviews you read in magazines are not going to be too
hard on any of the products because the magazines and article writers don't
want to burn bridges with any of the vendors. So some products will end up
with more positive reviews than they deserve. That's why you really need to
test these products out in your environment and decide for yourself what
works best for you and adds the most value.
Brian
_____
From: Ray Foo [mailto:gunblad3@gmail.com]
Sent: Wednesday, July 02, 2008 10:40 PM
To: websecurity@webappsec.org; webappsec @OWASP
Subject: [WEB SECURITY] Comparisons of Web Application Firewalls
Hi guys,
Does anyone know where I can find comparisons of WAFs? I've been Googling
around for some time already, but somehow have not been able to find such
information.
Any help would be appreciated, thanks in advance!
Regards,
Ray
No virus found in this incoming message.
Checked by AVG - http://www.avg.com
Version: 8.0.135 / Virus Database: 270.4.4/1531 - Release Date: 7/2/2008
7:02 PM
------=_NextPart_000_000C_01C8DD05.4D53C650
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html xmlns:v=3D"urn:schemas-microsoft-com:vml" =
xmlns:o=3D"urn:schemas-microsoft-com:office:office" =
xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40";>
<head>
<meta http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 11 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p
{mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman";}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>Ray,<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>You’ll find some =
reviews/comparisons
of WAFs in industry magazines, some of which people have already given =
you the
URLs for.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'>However, your best bet is to take =
these
reviews with a grain of salt, talk to some people in the industry to =
find out
which WAFs people seem to think are best, then bring in a couple of the =
most
promising sounding products in for an evaluation to see which one works =
best
for your web applications. The Web Application Firewall Evaluation
Criteria should really help you determine what you should be looking at =
during
the evaluation: </span></font><a
href=3D"http://www.webappsec.org/projects/wafec/";
title=3D"blocked::http://www.webappsec.org/projects/wafec/";>http://www.we=
bappsec.org/projects/wafec/</a>
.<o:p></o:p></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>Keep in mind that the reviews you read in magazines are not =
going to be
too hard on any of the products because the magazines and article =
writers don’t
want to burn bridges with any of the vendors. So some products =
will end
up with more positive reviews than they deserve. That’s why =
you
really need to test these products out in your environment and decide =
for
yourself what works best for you and adds the most =
value.<o:p></o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>Brian</span></font><font size=3D2 color=3Dnavy =
face=3DArial><span
style=3D'font-size:10.0pt;font-family:Arial;color:navy'><o:p></o:p></span=
></font></p>
<p class=3DMsoNormal><font size=3D2 color=3Dnavy face=3DArial><span =
style=3D'font-size:
10.0pt;font-family:Arial;color:navy'><o:p> </o:p></span></font></p>
<div>
<div class=3DMsoNormal align=3Dcenter style=3D'text-align:center'><font =
size=3D3
face=3D"Times New Roman"><span style=3D'font-size:12.0pt'>
<hr size=3D2 width=3D"100%" align=3Dcenter tabindex=3D-1>
</span></font></div>
<p class=3DMsoNormal><b><font size=3D2 face=3DTahoma><span =
style=3D'font-size:10.0pt;
font-family:Tahoma;font-weight:bold'>From:</span></font></b><font =
size=3D2
face=3DTahoma><span style=3D'font-size:10.0pt;font-family:Tahoma'> Ray =
Foo
[mailto:gunblad3@gmail.com] <br>
<b><span style=3D'font-weight:bold'>Sent:</span></b> Wednesday, July 02, =
2008
10:40 PM<br>
<b><span style=3D'font-weight:bold'>To:</span></b> =
websecurity@webappsec.org;
webappsec @OWASP<br>
<b><span style=3D'font-weight:bold'>Subject:</span></b> [WEB SECURITY]
Comparisons of Web Application Firewalls</span></font><o:p></o:p></p>
</div>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'><o:p> </o:p></span></font></p>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'>Hi guys,<br>
<br>
Does anyone know where I can find comparisons of WAFs? I've been =
Googling
around for some time already, but somehow have not been able to find =
such
information.<br>
<br>
Any help would be appreciated, thanks in advance!<br>
<br>
Regards,<br>
Ray<o:p></o:p></span></font></p>
<p><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;font-family:Arial'>No
virus found in this incoming message.<br>
Checked by AVG - http://www.avg.com<br>
Version: 8.0.135 / Virus Database: 270.4.4/1531 - Release Date: 7/2/2008 =
7:02
PM</span></font><o:p></o:p></p>
</div>
</body>
</html>
------=_NextPart_000_000C_01C8DD05.4D53C650--
Brought to you by http://www.webappsec.org
Search this site
|