Solved

Need help to make Comparison between Imperva, Websense, Citrix Netscaler

Posted on 2012-03-13
3,177 Views
Last Modified: 2016-10-25
hi all

I'm new in the company and there was some meeting and some solution for WAF (web application firewall) was made on Citrix Netscaler.

Now I suggested, based on things I heard and learned, that the best-of-bread in WAP are
Imperva and Websense.

Now I was asked by the CTO to make a comparison table between the 3 products, and I don't know where to begin...

I think that this kind of table is not really practical to generate, at least one that can give you a real picture.

So I tried to search Gartner research studies that can prove my case; I know they have those charts called Magic Quadrant that show their findings about the best-of-bread products,
for example:

(image: Magic Quadrant chart)
This chart is about firewalls, but I googled and read that they made similar research about web application firewalls (WAF); however I couldn't access it from the site as they want you to pay a lot of $$$ for the complete research.

I don't need the complete research, only the Magic Quadrant graph; can someone tell me where I can find it?

Or maybe, as an alternative, some comparison table between those products as I was requested by the CTO? (Or tips how to make a useful one; it would also be good that this comparison table will point out that Imperva and Websense are the better solution overall, to support my case when I stated that they are the "best-in-bread" products.)

Any help will be appreciated.

Thx in advance
Question by:ymg800
6 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37718586
> .. that the best-of-bread in WAP [sic!] are ...
hmm, there are different opinions about that, and they all -the opinions- are right in some way

> .. to make Comparison table ..., and i dont know where to begin...
for comparison *and just for that: comparison* see here
  http://www.webappsec.org/projects/wafec/WAFEC

> .. search gartner ..
IMHO that's a worse place to get technical information about the "best bread"
and the magic quadrant is far too old, as a couple of new products entered the market in last 2 years

> .. some comperision table between those product ..
you won't find one, except biased ones
(if you find one, tell me:)


i.g. I highly recommend that you make yourself used to WAFs, how they work, what they do, how they protect, what they protect, how they are integrated and what you need to change in your network topology
after doing that, you need to think about operation and such
a good starter for all that is:
  https://www.owasp.org/index.php/Best_Practices:_Web_Application_Firewalls

if you compare magic quadrants you get different results than when you compare coloured product sheets, or if you compare your requirements with marketing buzzwords of vendors

I won't name "best bread" and I won't prefer any vendor or product as they all have their pros & cons, so this list of current products (not vendors) is incomplete and unsorted in any way:
  Airlock, ASM, BeeWare, FortiWeb, hyperguard, Model 460/660/860, ModSecurity, NetScaler, rWeb, SecureSphere, StingRay
 
LVL 64

Expert Comment

by:btan
ID: 37724424
There is no Gartner for web application firewall as yet and pls do not confuse it with terms such as next generation firewall or unified threat mgmt module. Completely different objective and capability. Web application firewalls focus primarily on layer 7 protection like web traffic, like http, https, web services 2.0, xml firewall etc. There are a few more recognised WAFs such as F5 ASM, Trustwave...

Some are even mentioned in the SANS top 20 critical controls; there is mention of some good WAFs:
 http://www.sans.org/critical-security-controls/control.php?id=6
Also should not neglect their capability to have compliance checks as part of PCI DSS compliance. F5 and Imperva have that. Mostly there is a virtual edition of WAF as a service which can give an advantage edge in cloud deployment. Knew both of them are into these spaces. Probably the defending of L7 DDoS is one criterion to make a judgement call too... who can handle slowloris, slow POST http attack and apache killer easily at time of exploit release.

The Web Application Firewall Evaluation Criteria project (WAFEC): this open community of users, vendors, academia and independent analysts and researchers created a common evaluation criterion for WAF adoption that is still maintained today.
 
LVL 64

Expert Comment

by:btan
ID: 37724431
 
LVL 51

Expert Comment

by:ahoffmann
ID: 37724629
breadtan, thanks for the infos, they're helpful, somehow (my comments below are no personal offence:)

> .. capability top have compliance checks as part of pci dss compliance.
LOL
some WAFs claim to protect against OWASP Top 10, but this is technical BS as it is impossible for now

seen in the papers:
> Active Learning – The Candidate Web Application Firewall Product must be capable of
augmenting web application protection with an active learning mechanism without negatively affecting intended functionality of the protected web application.

ROFLOL, such a requirement could only be written by someone who never configured a WAF for real life applications
depending on your application and/or WAF, if you use active learning, your WAF learns the attacks too, as attacker I'd love such things :-)

> VT2 – The Candidate Web Application Firewall Product must demonstrate through testing that it is not vulnerable to any publicly known exploits or vulnerabilities.
haha, some of the products listed at icsalabs site are vulnerable to CSRF since ages ...


---
evaluating a WAF is no simple work (as I already explained), and I highly recommend that you test a WAF yourself with your application before you buy one
WAFs are a proper protection, but only if used properly; then you have a good system and defense in depth
 
LVL 64

Expert Comment

by:btan
ID: 37728271
Definitely seeing the same light ahoffmann. Thks. Indeed without the knowledge of the web app and bridging the vulnerabilities exposed, no device will be maximised to defend or perform virtual patching. That said, secure coding practices need to be adopted as eventually we are not saying WAF is the silver bullet. It can also be a point of failure, interestingly, since it can be deployed inline behind the firewall and in front of your web server. In short, many considerations to factor in for a unified security architecture rollout.
 
LVL 51

Accepted Solution

by:
ahoffmann earned 500 total points
ID: 37728295
> In short, many consideration to factor in ...
that's deeply explained in the OWASP paper, see my very first comment