I was reading a security statistics report the other day and it seems that web vulnerabilities take up the majority of the pie. SQL injections, Cross Site Scripting, Code injections etc are found everywhere in web applications. Unfortunately secure coding (not only for HTML but for any software application) is not yet widely adopted, so we end up with applications that are vulnerable to all sorts of attacks. And because everyone is using the Web, we consequently find that security holes are more prevalent on Web Applications compared with anything else.
Legacy security architectures were designed with just perimeter and network security in mind. In the past, security experts were thinking that by installing a network firewall and maybe an Intrusion Detection System would provide all the required security. This is not true at all for protecting against modern attacks. Indeed a high-speed dedicated hardware firewall is still needed to provide low-level inspection and filtering (catching various attacks on the network and transport layers). After the legacy security infrastructure devices do their job (allowing only clean traffic to pass to the applications), an application firewall is also required for deeper inspection of incoming data and for discovering more complex application attacks that a regular firewall is not able to detect.
The ACE Web Application Firewall is a security appliance that is intended for deployment inside the DMZ segment, where your Web Applications are located. It fulfills all the requirements for companies that want to comply with PCI DSS regulations (companies that store and process credit card data) and combines deep Web application analysis with high-performance Extensible Markup Language (XML) inspection and management to address the full range of these threats. It secures and protects Web applications from common attacks such as identity theft, data theft, application disruption, fraud, SQL injection attacks, XSS attacks etc.
For more information of the ACE Web Application Firewall visit the Cisco link HERE.
Related Posts
- Comparison of BGP Confederations vs Route Reflectors
- What are BGP Confederations-Explanation and Discussion (With Cisco Example)
- What is BGP Route Reflector – Explanation and Discussion (with Cisco Example)
- Guide to Cisco Bandwidth Command Parameter (With Configuration Example)
- What is a Wildcard Mask – All About Wildcard Masks Used in Networking