However, we have to start looking at the OSI Model. WAF only satisfies some but not all OSI layers.
I would list out the requirements, prior to asking this question. With the requirements in place, there are open-source packages that would satisfy most of your requirements (there is NOT one Hat that fits all).
I am using NGINX as an internal WAF. In a normal mode, the internal traffic is a lot less malicious than from the public network.
Director of Community at PeerSpot (formerly IT Central Station)
Real User
Jun 29, 2022
@JosephTran thanks for your answer!
What would be your WAF solution for external DoS (especially, DDoS) attacks? I'm not certain that NGINX will be able to eliminate them. Am I wrong?
Application security is a significant challenge for software engineers, as well as for security and DevOps professionals. It comprises the measures taken to improve the security of online services and websites against malicious attacks by finding, repairing, and preventing security weaknesses and vulnerabilities.
Hi,
You can check out Curiefense.io.
It is suitable for both enterprises and SMBs.
@Nir why do you recommend this (and not another) product?
I do NOT have a simple answer.
However, we have to start looking at the OSI Model. WAF only satisfies some but not all OSI layers.
I would list out the requirements, prior to asking this question. With the requirements in place, there are open-source packages that would satisfy most of your requirements (there is NOT one Hat that fits all).
I am using NGINX as an internal WAF. In a normal mode, the internal traffic is a lot less malicious than from the public network.
@JosephTran thanks for your answer!
What would be your WAF solution for external DoS (especially, DDoS) attacks? I'm not certain that NGINX will be able to eliminate them. Am I wrong?