Qualys Adds Cloud-Based Web Application Firewall

Vulnerability management specialist Qualys has branched out into the Web application firewall (WAF) market. The company recently released a beta version of a cloud-based WAF as an Amazon Machine Image (AMI) for applications on Amazon EC2.

According to the company, the service is offered through the QualysGuard Cloud Platform, and is designed to provide centralized management and distributed protection. In September, the Qualys WAF will also be released as a VMware virtual image for on-premises Web applications.

Eric Ogren, founder of analyst firm The Ogren Group, said the move by Qualys makes sense on a number of fronts. For one, it dovetails nicely with the company's core competency in vulnerability management, including its cloud-based vulnerability scanner, he said. In addition, cloud-based WAFs should be attractive to small and midsized businesses (SMBs) dealing with issues surrounding Payment Card Industry DSS compliance.

"Qualys knows how to identify vulnerabilities and craft antidotes, so this fits their people and organizational skill set really well," Ogren said.

"Having said all of that, I'm not sure too many people will get rich on WAFs," he added. "But still, it is a nice fit and while it may not be low hanging fruit for other vendors, it probably is for Qualys."

While other vendors use a pure public cloud model, Qualys' distributed approach means that all the customer's policies and event management are handled through the central Qualys software-as-a-service (SaaS) user interface and application programming interface (API), Matthieu Estrade, Qualys product director for WAF, said in an interview.

Today, the company allows customers to move sliders in the user interface to determine the aggressiveness of their response, he said. Customer-specific variables can also be added into the mix to further tune the rules.

Jon Oltsik, senior principal analyst with Enterprise Strategy Group, said in an email that many organizations look at a Web application firewall as a compliance requirement rather than a true layer of protection, which he believes is a mistake.

"I’ve heard that the Qualys WAF is rather lightweight, which is fine for basic websites but not adequate for more complex Web application programming," he said. "As long as Qualys targets this market segment, it is a good move, but I can’t see it moving up to compete with the likes of Imperva anytime soon."

Imperva offers a cloud-based WAF service called Incapsula that also includes DDoS protection.
