[WASC-WAFEC] What should we change in WAFEC 2.0?

Christian Heinrich christian.heinrich at cmlh.id.au
Tue Jun 19 17:52:15 EDT 2012


My recommendation would be to produce a high level draft of customer
requirements of items that complement a WAF and then have this
endorsed by end user(s) for inclusion or; as a supplement to WAFEC.

On Wed, Jun 20, 2012 at 3:08 AM, Kenneth Salchow <k.salchow at f5.com> wrote:
> I'm not sure what you are asking for Christian ... are you looking for customer references that state that customers have other solutions (SSO, SSL-VPN, UTM, Firewall, etc) that they will be deploying alongside WAF?  I kind of thought that we could all agree that customers weren't installing WAF devices all by themselves; that would be kind of simplistic if you ask me.
> Further, yes, I do think we should mention all the regional certifications related to power consumption or other implementation issues.  As a customer (and while I'm not one now ... I was one once) those are ALL important things to me.  Why would I bother to investigate a solution that I would not be able to actually deploy because it doesn't meet the requirements of my environment?
> However, if everyone thinks it is of no value to customers to know this kind of information ... then that's fine by me.  I just personally think you are doing a disservice to the end customer to simply dismiss these items.  Today's networks are far too complex to simply ignore how devices interact with each other.

Christian Heinrich


More information about the wasc-wafec mailing list