This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."
Download it now to read this article plus other related content.
No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls that help deliver your critical apps securely.
Add PCI-DSS requirements for application security, and it's easy to see why Web application firewalls, once considered niche technology, are gaining traction in corporate data centers. They prevent attacks that network firewalls, IDS/IPS and antivirus filters cannot by limiting suspect access through combinations of behavioral analysis and policy controls.
In a head-to-head review, Information Security examined six application firewall appliances, all of which delivered centralized management, enterprise reporting and comprehensive protection for applications: Barracuda Networks' Web Application Gateway (formerly NetContinuum); Bee Ware's
| iSentry; Breach Security's WebDefend; Citrix's Application Firewall; F5 Networks' Big-IP 8800 Application Security Man-ager; and Imperva's SecureSphere Web Application Firewall.
Each product was graded on ease of installation and configuration; administration; depth of security policy control; monitoring, alerting, auditing and reporting; and overall security effectiveness.
This was first published in March 2008