![]() That makes WAF focus on what it is designed to protect, that is, the ports you are providing web service to clients. Moreover, talking about Imperva On-premise WAF in bridge mode, for the protection to take effect you need to specify in advance the target server IPs and HTTP/S ports of which you would like to be protected by WAF gateway. My idea is, if you are looking for a tool which, in general, generates alert " if someone try to do an nmap on a closed port", it does not sounds like you are looking for a "WAF". And it does its job, by letting you see the alert if you run scripts to emulate attacks by making actual HTTP request. ![]() Speaking from my own point of view, we expect a Web Application Firewall to protect against web service/application attacks.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |