Security Basics
mailing list archives
Re: Application Firewall
From: Adriel Desautels <adriel () netragard com>
Date: Fri, 18 Jul 2008 11:50:04 -0400
Honestly,
Apache with mod_security set up as a reverse proxy is quite good. I've
used that particular configuration in many instances and I have no
complaints whatsoever. You can build it yourself, or you can get an
appliance from the ModSecurity folks. I HIGHLY recommend this solution.
http://www.modsecurity.org/
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
Bryan S. Sampsel wrote:
Sidewinder from Secure Computing is an excellent application-proxy firewall.
So is Borderware.
IPCOP has aspects that qualify.
No, the ASA is a packet filter only firewall. It's quite good at what it
does, but it does not handle the application layer. And no, deep packet
inspection does not qualify.
O'Reilly made an awesome firewall book that you should read. It's a
little dated, but the concepts are solid: Building Internet Firewalls.
For most of 'em, you'll need some coin. Neither Sidewinder nor Borderware
comes cheap. IPCOP is ok for a SOHO setup, perhaps as many as 25
users...not sure beyond that. But it's not engineered to be an enterprise
solution...though I'm sure someone has created a flavor of it that is.
Application proxy firewalls do give you some additional protection over
straight packet filter firewalls. If you're talking a massive enterprise,
it takes more hardware to drive it as well, as there is some footprint
increase because of the proxies themselves. However, when a user goes out
through a proxy, a hardened IP stack protects them, as no direct
connections are made between client and remote end. With a packet filter,
the client talks directly to the remote end.
Hope that helps a bit.
Sincerely,
Bryan S. Sampsel
LibertyActivist.org
ams.sec () gmail com wrote:
Hi everyone,
Can anyone please list some names of application-level firewalls? Would
Cisco ASA qualify as an application firewall? I have heard it needs certain
add-ons to provide application screening functionality. Thanks a zillion.
Ams