Web Application Firewall
|
Web Application Firewalls work at the application layer – much higher than traditional solutions such as firewalls and IPS – to intercept all incoming and outgoing traffic to and from applications, validating and securing requests before they are allowed to pass through to back-end servers. These products understand the application logic, and have a detailed knowledge of the acceptable rules of engagement between the external client and the internal application server. They are thus capable of inspecting the content of each request and response and applying a complex set of rules in order to ensure that the client is not doing anything untoward. To assess the complex matrix of WAF performance and security requirements, NSS Labs has created a test suite containing hundreds of individual tests that evaluate these products in three main areas: performance and reliability, security effectiveness, and usability. This thorough review should give readers a complete perspective of the capabilities, maturity and suitability of the products tested for their particular needs.
Current Certified Products: |
|
WebAppFirewall Detailed Methodology