08-13-2013 01:23 AM
I would like to understand to what extent a NIPS e.g. the TippingPoint 2500N and a WAF, e.g. the F5 ASM overlap in their functions.
I think the WAFs strength is
- when it sits in front of the Web Application
- when it acts as a reverse-proxy and SSl-endpoint
- when it is used for user authentication
- when it manages the session between browser and application and detects attacks on the session handling
- when it can manipulate/rewrite data in HTTP(S) connection
- its ability to analyze layer 7 web application logic
Is that all correct? How good is the 2500N in doing a WAFs job in protection web apps?