Solved

Need help to make Comparison between Imperva, Websense, Citrix Netscaler

Posted on 2012-03-13
6
3,074 Views
Last Modified: 2016-10-25
hi all

i new in the company and there was some meeting and some solution for WAF( WEB APPLICATION FIREWALL) was made on Citrix Netscaler .

now i suggested, based on things i heard and learned , that the best-of-bread in WAP are
Imperva and Websense.

now i was asked by the CTO to make Comparison table between the 3 product, and i dont know where to begin...

i think that this kind of table is not really practicall to generate , at least one that can give you a real picture.

so i tried to search gartner reashe Studies that can prove my case, i know they have those charts  called Magic Quadrant that show there findings about the best-of-bread product,
for example:

example
this chart is about firewall, but i google and read that they made simular research about web application firewalls (WAF), how ever i couldnt access in from the site as they want u to pay alot of $$$ for the complite reaseach

i dont need the complite research, only the Magic Quadrant graph, can someone tell me where i can find it?

or mabye as althenetive, some comperision table between those product as i was request by the CTO? (or tips how to make usfule one, it also be good that this  comperision table will point that imperva and websense are better solution overall, to support my case when i stated that they are the "best-in-bread" products.

any help will be appriciated

thx in advannce
0
Comment
Question by:ymg800
  • 3
  • 3
6 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37718586
> .. that the best-of-bread in WAP [sic!] are ...
hmm, there'are different opinions about that, and they all -the opinions- are right in some way

> .. to make Comparison table ..., and i dont know where to begin...
for comparsion *and just for that: comparsion* see here
  http://www.webappsec.org/projects/wafec/WAFEC

> .. search gartner ..
IMHO that's a worse place to get technical information about the "best bread"
and the magic quadrant is far too old, as a couple of new products entered the market in last 2 years

> .. some comperision table between those product ..
you won't find one, except biased ones
(if you find one, tell me:)


i.g. I highly recommend that you make yourself used to WAFs, how they work, what they do, how they protect, what they protect, how they are integrated and what you need to change in your network topology
after doing that, you need think about operation and such
a good starter for all that is:
  https://www.owasp.org/index.php/Best_Practices:_Web_Application_Firewalls

if you compare magic quadrants you get differnt results than when you compare coloured product sheets, or if you compare your requirements with marketing buzzwords of vendors

I won't name "best bread" and I won't prefere any vendor or product as they all have their pros & cons, so this list of current products (not vendors)  incomplete and unsorted in any way:
  Airlock, ASM, BeeWare, FortiWeb, hyperguard, Model 460/660/860, ModSecurity, NetScaler, rWeb, SecureSpere, StingRay
0
 
LVL 61

Expert Comment

by:btan
ID: 37724424
There is no gartner for web application firewall as yet and pls do not confuse it with the term such as next generation firewall or unified threat mgmt module. Complete different objective and capability. Web application focus primarily on layer 7 prtection like web traffic, like http, https, web services 2.0, xml firewall etc. there are a few more recognised waf such as f5 asm, trustwave...

Some are evem mentioned in sans top 20 critical controls, there is memtioned of some good waf
 http://www.sans.org/critical-security-controls/control.php?id=6
Also should not neglect there capability top have compliance checks as part of pci dss compliance. F5 and imperva has that. Mostly there is virtial edition of waf as services which can give and advantage edge in cloud deployment. Knew both of th are into these spaces. Probably these defendng of L7 ddos is one criteria top make judgemental call to...who can handle slowloris, slow post http attack and apache killer easily at time of exploit release

 The Web Application Firewall Evaluation Criteria project (WAFEC), this open community of users, vendors, academia and independent analysts and researchers created a common
Poevaluation criterion for WAF adoption that is still maintained today.
0
 
LVL 61

Expert Comment

by:btan
ID: 37724431
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37724629
breadtan, thanks for the infos they're helpfull, somehow (my comments below are no personal offence:)

> .. capability top have compliance checks as part of pci dss compliance.
LOL
some WAFs claim to protect agains OWASP Top 10, but this is technical BS as it is impossible for now

seen in the papers:
> Active Learning – The Candidate Web Application Firewall Product must be capable of
augmenting web application protection with an active learning mechanism without negatively affecting intended functionality of the protected web application.

ROFLOL, such a requirement could only be written by someone who never configured a WAF for real life applications
depending on your application and/or WAF, if you use active learning, your WAF learns the attacks too, as attacker I'd love such things :-)

> VT2 – The Candidate Web Application Firewall Product must demonstrate through testing that it is not vulnerable to any publicly known exploits or vulnerabilities.
haha, some of the products listed at icsalabs site are vulnerable to CSRF since ages ...


---
evaluating a WAF is no simple work (as I already explained), and I highly recommend that you test a WAF yourself with your application before you bye one
WAFs are a proper protection, but only if used properly, then you have a good system and a defense in depth
0
 
LVL 61

Expert Comment

by:btan
ID: 37728271
Definitely seeing these same light ahoffmann. Thks. Indeed without the knowledge of web apply and briding these vulnerability exposed, no device will be maximise top defend or perform virtual patching. That said secure coding practices need to be adopted as eventually we are not saying waf is these silver bullet. It can be also a point of failure interesting since it can be deployed inline behind firewall and infront of your web server. In short, many consideration to factor in for a unified security architecture rollout.
0
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37728295
> In short, many consideration to factor in ...
that's deeply explained in the OWASP paper, see my very first comment
0

Join & Write a Comment

By this time the large percentage of day-to-day transactions have shifted to mobile banking; here are some overriding areas QAs must investigate while testing mobile banking apps.  
This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now