• 03/10/2003
    5:00 PM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

Proxies Add a Protective Shield

Web security proxies--aka, Web application firewalls--can detect and mitigate common attacks, but configuration is crucial. Kavado InterDo and Sanctum AppShield ran neck-and-neck, but AppShield captured the top spot--for now.

InterDo 2.5 Web Application Firewall. Kavado, (800) 239-3203, (646) 274-7238.

Teros Teros-100 APS

Teros' APS was the only appliance we tested. It is also the only product capable of acting as a network bridge instead of a proxy, which means it can be deployed transparently without your having to reconfigure your network. This eliminates the hassle of rearranging IP addresses of already deployed Web servers.

The APS uses an "adaptive learning" rule generator, which produces recommendations based on observed traffic. The recommendations fared well except for some of the trickier URL formats, which required manual intervention and regular-expression reworking. Rule configuration struck a decent balance between simplicity and granularity.

Administratively speaking, we have two complaints: The error and security logging messages are frustratingly vague, making it difficult to troubleshoot violations. Also, the APS' default form-field-character filter, like AppShield's, is inadequate at protecting against SQL attacks.

The APS also has a configuration nuance that concerns us: It treats form-field names as global across your site. This could be a problem on sites that use form-field names inconsistently. You'll need to use the least-restrictive filter for that field, which is less secure. The workaround is to recode your Web application to use unique form-field names--that is, if you are able to make code changes in your Web applications.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments