Comparative Product Review: Six Web Application Firewalls


This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."

Download it now to read this article plus other related content.

While all of this first appeared extremely complex, F5 features a clean and informative interface coupled with outstanding documentation and technical support. The complexity was offset by the rich load balancing and traffic management features necessary for delivering application security in big pipe environments.

    Requires Free Membership to View

At the Core - Administration
The good news Imperva offers highly granular features for delegating administration and assigning rights and permissions, with a comprehensive, easy-to-use interface.

The bad news Citrix's interface is intuitive and well-designed, but the options are limited, which may not suit some organizations' requirements.

Citrix required a lot of manual entry, but offered a clean Windows-based configuration utility. It wasn't as time consuming as Barracuda's Web Firewall's setup or as complex as F5, which required extensive understanding about network traffic management prior to setting up the security features.

Barracuda is somewhat complex and took a long time to set up. Even though we used Barracuda's Web application wizard, an extensive amount of manual security configuration was required to effectively protect our test applications against our attacks. Since Bar-racuda boasts of its ability to be set up in a pro- duction environment without causing disruption, we initially de-ployed the box in passive mode, producing logs that identified actions that would have been taken if it was in active response mode--for example, blocking traffic from an IP that was performing a brute force login, forceful browsing or bot activity. This allowed us to effectively tune the appliance prior to switching to active mode--a real plus for security managers without the time or resources to first deploy in a mirrored test environment.

Consider This
WEB APPLICATION FIREWALLS have additional features, such as those related to traffic management, including SSL acceleration, caches, compression, load balancing and high availability. The growing adoption of high bandwidth technologies requires that solutions are capable of delivering security without latency. Other factors that may influence your purchase decision are regulatory compliance features and out-of-the box policies and signatures to get you started without a lot of customization.

CLICK HERE for a PDF comparison of "Web Application Firewalls".

This was first published in March 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: