Heavy Networking 449: Web Application Firewall Fundamentals

Heavy Networking - Een podcast door Packet Pushers - Vrijdagen

Categorieën:

On today’s Heavy Networking our topic is Web application firewalls (WAFs). Which, in the traditional sense, are neither web applications nor firewalls.
So what are these strange creatures? If my company doesn’t have one, should I go to the pet store and get one? Will they bite me if I’m not careful? What does a web application firewall eat?
Helping us understand how to feed and care for our very own web application firewall is Scott Hogg, who you might know from the IPv6 Buzz podcast, part of the Packet Pushers podcast network.
We discuss:

* How a WAF differs from typical firewalls
* The security problems WAFs try to solve (protecting vulnerable Web apps)
* How WAFs are deployed
* The architecture of a typical WAF
* Operational challenges
* How attackers bypass WAFs
* The role of WAFs in cloud applications
* More

Sponsor: ITProTV
Get over 65 hours of free technical training from ITProTV. ITProTV offers online instruction in CompTIA, Cisco, VMWare, Microsoft and more. You can stream courses live and on demand on your favorite device. Sign up for a free membership at itpro.tv/packet-pushers and try it with no obligation.
Sponsor: Cumulus Networks
If you’re future-proofing your network, why go with legacy infrastructure? Cumulus Networks offers networking software for the open, modern data center, giving you the option to choose the new way every time. Find out more at cumulusnetworks.com/modernize.
Show Links:
Scott Hogg on Twitter
Hexabuild
IPv6 Buzz Podcast
Scott’s Network World author page
Scott’s Infoblox author page
Web Application Firewalls and IPv6, Scott Hogg – Network World
The Open Web Application Security Project (OWASP)
The Web Application Security Consortium (WASC)
Web Application Firewall Evaluation Criteria (WAFEC)
WAF Criteria – ICSA Labs (PDF)

Visit the podcast's native language site