Pakhnyushchyy - Fotolia
Kemp has integrated Web application firewall protection into its Kemp LoadMaster application delivery controller line, giving businesses real-time threat protection at the application level.
A traditional network firewall deployed at the edge of the infrastructure can't help protect businesses from sophisticated attacks targeting HTTP flows from application traffic. Most enterprises deploy a Web application firewall (WAF) to monitor and prevent application-layer exploits, including cross-site scripting and the exposure of confidential information -- such as credit card data. A WAF can also help businesses comply with regulations.
WAF capabilities are increasingly being added directly into application delivery controllers (ADCs), said Brad Casemore, research director for IDC, based in Framingham, Mass. "Since ADCs reside in the data center, it is directly in line between Web applications and the Internet endpoints, aka users and their devices. It's a logical place for WAF functionality. Vendors see the value in adding the functionality, and customers [are seeing] the value in consuming it within an ADC," he said.
Kemp LoadMaster ups its security capabilities
The Kemp LoadMaster ADC line has always provided businesses with integrated security features, such as DDoS mitigation, application publishing, client authentication and single sign-on capabilities. Now, Kemp's new Application Firewall Pack (AFP) for WAF protection will help businesses take their security strategy a step further by adding real-time threat protection for packaged and custom-published applications and data leak prevention for application workloads, the New York-based vendor said.
Kemp's new WAF technology is based on ModSecurity, an open source, free WAF Apache module, as well as threat intelligence research and security rules from Trustwave, an information security provider. The ModSecurity technology gave Kemp an easy way to add WAF cost-effectively, and quickly enough to meet customer demand, IDC's Casemore said.
With the new WAF feature, IT teams can centralize any existing ModSecurity rules that could be distributed across multiple Web application servers, Kemp said. "Customers have the option to build their own rules within the ModSecurity engine, and use it as a central point to import and administer those rules," said Jason Dover, KEMP's director of technical product marketing. Customers will also have the option to purchase a yearly subscription of commercial rules for real-time protection updated daily by KEMP for their infrastructure, he said.
A WAF based on ModSecurity is a good option for businesses that don't require a great deal of security customization within their environments, but still may have compliance rules they must meet, said Jeremy D'Hoinne, research director of infrastructure protection for Gartner, Inc. based in Stamford, Conn. "This gives Kemp customers access to a set of proven signatures and rules, some of which are really tuned to common compliance regulations -- like PCI," he said.
Kemp LoadMasters with the integrated AFP -- which can be added as a free update for existing customers -- will ensure consistency for businesses by removing the potential for configuration shift across distributed instances, which will also simply administration and security management for IT teams, Dover said.
ADCs, now with Web application firewall functionality
Businesses that didn't have WAF functionality built into their ADCs have to deploy standalone products to address the evolving threat landscape-- which now includes application-layer attacks -- that circumvent the scope of traditional firewalls at the network edge. These businesses either deployed a dedicated WAF appliance, a separate server plug-in or an HTTP filter. Some businesses have been going without WAF entirely, IDC's Casemore said. While Kemp is playing catch-up with the addition of WAF technology to its ADC line, many businesses -- especially the small-to-midsized businesses that Kemp traditionally targets -- are just beginning to identify the need for a WAF, he said.
And many organizations are still evaluating WAF against intrusion protection systems. WAF technology, however, protects against a more dedicated set of rules targeting Web-based threats, rather than generic network threats, "It's becoming one of the capabilities that all ADCs have to have," Gartner's D'Hoinne said.
Web application firewall products: What to look for
How to know when a WAF security deployment will be beneficial
Stopping threats, vulnerabilities with Web application firewalls