Looking for the security of a Web Application Firewall, with the least amount of work.
I have been told I needed a Web Application Firewall (WAF) and wonder if it's smarter to use a Web Cloud based WAF? It's for a .NET MVC App. running on IIS.
It sounds like it's a smart way to get security, without first needing to become an expert in it. And to know they are always on the lookout, making their system more secure, would let me rest easier.
Any good names you can recommend?
Also, how difficult is it to "build our own?" What kinds of customization capabilities would we lose, if we went with a Cloud based version?
How long might it take to deploy a cloud version of the WAF?
If I wanted to use AWS, for example, must I also host my website with AWS?