[WEB SECURITY] thoughts on WAF deployment options?

Ryan Barnett rcbarnett at gmail.com
Tue Apr 22 17:21:42 EDT 2008


On Tue, Apr 22, 2008 at 4:58 PM, Arian J. Evans <arian.evans at anachronic.com>
wrote:

> > One correction - Breach's WebDefend is out of line (you had it in the
> >  inline transparent bridge group).
>
> Thanks.
>
> To clarify my post (correct me again if wrong): Mod runs inline proxy
> only, and WedDefend OoB. (I knew there was another OoB product
> I'd seen besides Imperva, but couldn't remember it)


We just completed a ModSecurity user survey so I actually have some info :)
Open source Mod users typically run it embedded, however using it in a
reverse proxy scenario is also popular.  Breach has a commercial appliance
called the M1100 that uses Mod as the base WAF-engine and it can be run in a
transparent bridge mode.



>
>
> To be clear -- I am not working with Breach WebDefend products.
> The *only* WAF I've worked wtih recently is F5, though I've worked
> with most of them on the market over the last 7 years.
>
> I *have* heard multiple positive things about WebDefend's technology
> from both technical peers at VARs, and several customers I work with.
>
> While second-hand info, they are opinions from smart folks, hence
> my recommendation to put that on the investigation list.
>
> btw// I hear a lot of *talk* about Modsecurity, but I don't know anyone
> who actually runs it (another topic of discussion).
>

Yeah, like most security related products, getting people to publicly state
what they are using is often a chore.  As I stated in my previous response,
there are many very large Mod deployments however we are under an NDA with
most of them.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20080422/dc48bc7d/attachment.html>


More information about the websecurity mailing list