Comparative Product Review: Six Web Application Firewalls


This article can also be found in the Premium Editorial Download "Information Security magazine: Reviews of six top Web application firewalls."

Download it now to read this article plus other related content.

Ongoing maintenance and tuning plays a significant role in the continuing effectiveness of these devices, which cover numerous complex technologies and security issues. And, the pervasiveness of Web-based applications presents management challenges that make delegated administration an important factor.

Imperva offers the most granular administrative rights delegation and greatest ease of assigning rights and permissions. An expandable tree allowed us to instantly view administrative groups under which individuals are listed. Rights and permissions can be set globally, per group or per individual through a comprehensive list of available resources and applications. We could quickly set view/edit privileges. Individuals can be assigned to multiple groups as well, giving them different levels of access.

    Requires Free Membership to View

At the Core - Security Policy Control
The good news We especially like BreachMarks tagging. F5 features a good policy toolset, particularly for adaptive learning, and Imperva has an array of out-of-the box policies and attack signatures.

The bad news Bee Ware's policy creation is time consuming, poorly organized and difficult to navigate.

F5's comprehensive set of administrative tools supports its traffic management and load balancing capabilities, and the application security module. It helps tame the overwhelming task of administration by compartmentalizing objects such as virtual servers, URLs and databases for easier, more flexible delegation.

Similarly, Barracuda groups applications and resources into role-based administration silos to facilitate delegation. Navigation throughout the extensive feature set was relatively easy, despite complexity second only to F5. Roles define the user's permissions for command groups (meaning what type of actions) and are accessible for a particular site, so administrative duties can be delegated in a large or distributed environment.

Bee Ware keeps things simple by breaking down administrative tasks into two basic groups--administrators and webmasters. Administrators have access to global configurations and can create, disable or delete services and policies. Webmasters only have configuration rights to the services and policies for which they have been assigned permission. This provides the autonomy needed for different groups to make changes to their HTTP-based content as well as the overall security and oversight to prevent damage to active content pages.

This was first published in March 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: