Home > Information Security Magazine > Features > Core of the Matter
EMAIL THIS LICENSING & REPRINTS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

Core of the Matter
by Sandra Kay Miller
Issue: Mar 2008
printer-friendly
licensing & reprints
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   9  |   10  |   11  |   NEXT PAGE  >

About this Review

Barracuda Networks Web Application Gateway NC1100


Bee Ware iSentry IS200


Breach Security WebDefend


Citrix Application Firewall


F5 Networks Big-IP 8800 Application Security Manager


Imperva SecureSphere Web Application Firewall
 Information Security deployed six application firewall appliances from Barracuda Networks, Bee Ware, Breach Security, Citrix, F5 Networks and Imperva.

Each product was installed in our test lab between a network firewall and in front of or alongside the application servers (see "Inside The Lab," below), which included an Apache Web server and Microsoft Internet Information Server, each hosting a variety of applications including Web mail, an online forum and a Web site with shopping cart capabilities.

Client machines subjected to attack included systems running Microsoft XP SP2 with Internet Explorer and Linux (Debian 3.1) with Mozilla Firefox. We focused on common attacks against applications including buffer overflows, cookie tampering, SQL injection, session hijacking, cross-site scripting (XSS), cross-site request forgeries (CSRF), forms tampering, remote code execution, malicious code (Internet worms), denial of service, brute force login and forceful browsing.

Additionally, we configured application-side security features, such as Web site cloaking, and attempted to gain network and application configuration via nefarious reconnaissance practices such as identifying operating systems and Web server details through HTTP header data and scanning utilities like Nmap.

Breach's WebDefend was deployed in an out-of-line mode next to our Web servers using a span port.

--Sandra Kay Miller

Inside the lab
All application firewall appliances were deployed as reverse proxies (except for Breach Security's, which was attached to a span port) on a network between a traditional stateful inspection firewall and a variety of applications servers, including Microsoft IIS and Apache Web servers, Microsoft SQL, e-commerce applications with credit card transaction capability and an online forum. Browsers included Internet Explorer, Firefox, Netscape and Opera.


< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   7  |   8  |   9  |   10  |   11  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts