WASC Web Application Firewall Evaluation Criteria Project Mailing List
View all threadsI agree that the focus should be on the waf functionality and selection criteria rather than other product categories.
Connected by DROID on Verizon Wireless
-----Original message-----
From: Kit Wetzler Kit.Wetzler@citrix.com
To: "wasc-wafec@lists.webappsec.org" wasc-wafec@lists.webappsec.org
Sent: Sun, Oct 21, 2012 16:42:50 GMT+00:00
Subject: Re: [WASC-WAFEC] Annexure or Supplement Proposed by F5
I agree with this as well. I'd rather not complicate the situation. It's hard enough to select and differentiate a WAF, let alone to go into the ecosystem a WAF lives in. (and this is coming from a load balancing vendor!)
The best thing we can do for WAFEC, imho, is to keep it as simple as possible, to describe the various capabilities of WAFs (security and visibility) and let the customer decide which deployment mode to use. (That said, I'm happy to describe theoretical deployment modes - integrated to load balancer, inline, proxy, span port, integrated to server, etc, since they DO differentiate.)
--
Kit Wetzler
Citrix Systems, Inc
Networking and Cloud Product Group (NetScaler, Branch Repeater and Access Gateway)
-----Original Message-----
From: wasc-wafec [mailto:wasc-wafec-bounces@lists.webappsec.org] On Behalf Of Achim Hoffmann
Sent: Sunday, October 21, 2012 9:32 AM
To: Matthieu Estrade
Cc: wasc-wafec@lists.webappsec.org
Subject: Re: [WASC-WAFEC] Annexure or Supplement Proposed by F5
Am 21.10.2012 14:01, schrieb Matthieu Estrade:
...
... I think they are too close to the
business of the WAF vendor.
Please don't get me wrong: my objections are not according WAF vendors, but according Load Balancer and such.
It's not about keeping vendor biases off from the discussion, they are valuable please give us your opinions, but it's about focusing on WAFs.
Achim
wasc-wafec mailing list
wasc-wafec@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/wasc-wafec_lists.webappsec.org
wasc-wafec mailing list
wasc-wafec@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/wasc-wafec_lists.webappsec.org