Resources
Location:
Enhancing Application Security With a Web Application Firewall

Enhancing Application Security With a Web Application Firewall

Title:Enhancing Application Security With a Web Application Firewall (ID: EPS305)
Author(s):Neil Matatall (University of California, Irvine)
Topics:Firewalls, Internet Security, Network Security and Applications
Origin:Higher Education Information Security Council (formerly the Security Task Force) (07/15/2009)
Type:Effective Practices
Abstract:

UC Irvine has done extensive research in comparing the many different options short of physically testing each appliance. After meeting with each vendor, UC Irvine asked them to send a completed version of the Web Application Firewall Evaluation Criteria from the Web Application Security Consortium (WASC). UC Irvine combined these into a single document that allowed for side-by-side comparison of each feature and created a list of core requirements: "positive" security model that profiles application behavior and rejects anomalies, centralized device that won't introduce a bottleneck in performance, strong attack signatures with updates and the ability to write custom rules, detection only and block modes of operation, and data leakage protection.

View this resource:
 |  | 
Bookmark/Search this page with:
   del.icio.us   Digg   Google   Yahoo   Technorati Stumbleupon Facebook Twitter

 
© Copyright 1999-2009 EDUCAUSE
  Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.