However, we have to start looking at the OSI Model. WAF only satisfies some but not all OSI layers.
I would list out the requirements, prior to asking this question. With the requirements in place, there are open-source packages that would satisfy most of your requirements (there is NOT one Hat that fits all).
I am using NGINX as an internal WAF. In a normal mode, the internal traffic is a lot less malicious than from the public network.
Director of Community at PeerSpot (formerly IT Central Station)
Real User
Jun 29, 2022
@JosephTran thanks for your answer!
What would be your WAF solution for external DoS (especially, DDoS) attacks? I'm not certain that NGINX will be able to eliminate them. Am I wrong?
WAFs safeguard web applications by filtering and monitoring HTTP traffic between a web application and the internet. A primary defense mechanism, they protect against attacks such as cross-site forgery, cross-site-scripting (XSS), and SQL injection.Designed to protect web applications from a wide range of threats, a WAF acts as a barrier, preventing unauthorized access and malicious traffic. Users find that effective WAF solutions offer a balance between security and performance without...
Hi,
You can check out Curiefense.io.
It is suitable for both enterprises and SMBs.
@Nir why do you recommend this (and not another) product?
I do NOT have a simple answer.
However, we have to start looking at the OSI Model. WAF only satisfies some but not all OSI layers.
I would list out the requirements, prior to asking this question. With the requirements in place, there are open-source packages that would satisfy most of your requirements (there is NOT one Hat that fits all).
I am using NGINX as an internal WAF. In a normal mode, the internal traffic is a lot less malicious than from the public network.
@JosephTran thanks for your answer!
What would be your WAF solution for external DoS (especially, DDoS) attacks? I'm not certain that NGINX will be able to eliminate them. Am I wrong?