Proxies Add a Protective Shield: Page 5 of 22
Kavado InterDo 2.5 Web Application Firewall
InterDo 2.5 is extremely easy to get up and running. Its configuration is intuitive and direct, and the interface lets you segregate your various Web applications and apply security configuration parameters.
Rule management got a bit confusing when we had lots of Web applications, each having many URL rules, but InterDo's automated rule generation can be supplemented by the use of Kavado's vulnerability scanner product, ScanDo. ScanDo exports vulnerability reports to InterDo, which can arrange rules accordingly to protect against the discovered problems.
InterDo features native IP blocking, which can cut off addresses generating too many security alerts. This provides dynamic firewalling capabilities without requiring an OPSEC (Open Platform for Security)-compliant firewall. You will still want an upstream firewall/filter to keep the InterDo host (which is Windows under the hood) from being compromised.
InterDo handled all our URL encoding schemes and caveats, and it understands different character code pages, making foreign character support a cinch. Handling of complex tunneled HTTP protocols, like Java RMI, was manageable thanks to InterDo's "simple tunnel" pass-through support. Using simple tunnels won't provide security protection, but at least you can pass non-HTTP data without having to bypass the security proxy.
InterDo failed in only one area: protecting against form-field tampering. We changed hidden field elements and sent arbitrary checkbox and select menu values. This let us change the prices of items as we added them to our shopping cart. If Kavado were to add this feature, InterDo would be our top pick. Until then, proceed with caution or use AppShield.