10.06.2009
. With a learning engine, the WAF learns about applications so it can create and even enforce rules. In very dynamic environments, Krikken says, it's better for the WAF to alert you to aberrant behavior than block it.
Patel uses Breach's learning engine, which he says profiled Web applications over a couple of months. During that time, it flagged irregular behavior, which his team reviewed. "You need a certain level of comfort that it's going to make the right decisions," he says. Over time, however, Patel wanted automated blocking. "With the amount of traffic we get on the site, it's key that the WAF recognizes irregularities and shuts down those attempts while they're happening, rather than later on," he says.
For instance, the WAF now stops competitors from scraping product data from the website, which includes millions of SKUs, as well as pricing information. "If we see someone is checking data weekly or monthly, that represents a huge loss of competitive intelligence," Patel says.
. Jarden's Nelson chose Check Point's product in part for its enterprise-level console, which provided centralized management for all of Jarden's firewalls. He particularly likes that he can group the firewalls into what's called "containers" and apply different policies within those containers.
Meanwhile, the security-messaging engineer at a nutritional supplements manufacturer says a big advantage of the Barracuda system he uses is its scalability. The company's main motivation for a WAF was to provide a secure Web mail interface to users who wanted to access e-mail from around the world. It also uses it to protect against application-layer attacks.
» Android » Apple » Blackberry » Bring your own device
» Cloud Computing » Dienstwagen » E-Commerce » E-Mail
» Facebook » Interim Management » iPad » iPad Apps
» iPhone » Linkedin » Office 365 » Projektmanagement
» Recruiting » Rolle des CIO » SaaS » Scrum
» SWOT-Analyse » Top-CIOs » twitter » Virtualisierung
Newsletter von CIO.de
