Readers vote on the best Web Application Firewalls products in 2012: Standalone Web application firewalls and WAFs that are part of application acceleration/delivery systems.
In this part:
Gold: FortiWeb-400C, Fortinet
Fortinet's FortiWeb-400C won the gold in the Web Application firewall category, scoring especially high marks for its ability to block intrusions, attacks and unauthorized network traffic. Readers also rated the product highly in a number of other areas, including its application-layer controls, central management capabilities and logging, monitoring and reporting features. Overall, they feel they're getting their money's worth.
FortiWeb-400C offers flexible deployment options and is well suited for midsized organizations. It secures Web applications and protects corporate assets by blocking threats such as XSS, SQL injection, buffer overflows and DoS attacks. The product includes active/passive high availability support to ensure critical applications remain available. A Web vulnerability scanner complements the WAF capability by providing analysis of existing application vulnerabilities. User activity is automatically profiled to create a baseline of permissible activity. FortiWeb-400C is part of Fortinet FortiWeb WAF product line, which includes appliances for large enterprises and service providers as well as virtual appliances for implementing Web security within a virtual environment.
Expert's market reflection: "Enterprises are leveraging Web application firewalls investments as a cost effective means to secure Web applications. Many security experts still say 'WAFs are useless,' but we find that—when properly deployed -- they raise the bar for security." -- Adrian Lane, CTO and security strategist, Securosis
Silver: F5 Networks BIG-IP Application Security Manager
Readers awarded the silver to F5 Networks BIG-IP Application Security Manager (ASM), giving the WAF high scores for its central management capabilities. They also like the product's ability to block intrusions and attacks and appreciate the vendor support and service they get with it. The BIG-IP ASM integrates with a range of vulnerability scanners and provides granular details about attacks and violations. It correlates multiple violations and blocks attacks based on geolocation data.
Bronze: Barracuda Web Application Firewall, Barracuda Networks
The Barracuda Web Application Firewall won the bronze, garnering strong rating for its ability to block intrusions, attacks and unauthorized network traffic. With threat profiles that are continuously updated, the WAF protects against a broad range of attacks including SQL injection, XSS, session tampering and buffer overflows. Content caching, data compression and SSL acceleration work to optimize application performance. User authentication via LDAP, RADIUS and other systems provides administrators with the ability to enforce granular user application access policies.