I really like the profiling section. I mean that signature based policies are ok and they are maybe the most widespread and common kind of security policy in security appliances, but, the profiling policies are custom tailored on a specific web application. I guess it’s the most valuable, and fresh, aspect about SecureSphere.
Improvements to My Organization
It has helped a lot with working among, and creating a link between, different teams in my organization, of course I’m referring to security, networking and system application teams. It’s important to find the right collaboration in order to secure the applications from the beginning of the deployment process.
Room for Improvement
I guess the GUI could be improved a little, as it’s not always simple to get. The most important aspect to me that needs improvement though, is that, by default, if you put activate and protect a server group you created, all the web applications lying on the same group of physical machines, inherit the same policy rule set. This means it’s not so easy to different policies and cut them on a specific application (maybe I’ll ask the vendor support).
Use of Solution
It’s been one-and-a-half years.
Not in particular, once I understand the network behavior and the different types of the WAF deployment it was pretty simple and fast.
Not so far. It must be said, though, that It’s a relatively a new installment in our infrastructure, and maybe it’s too soon to say.
It’s an ongoing process day to day, working alongside systems and application engineers to adapt the WAF to better meet the applications characteristics. I guess it depends a lot on the application features and software implementation.
Customer Service and Technical Support
I would say that they are pretty available. Technical Support
They are reliable and ready to solve your issues.
To be honest, we have been supported by a professional services engineer who showed us the peculiarities during the initial setup, so it was a good experience. I would say that it’s straightforward if you are in good hands.
I would say to focus on the most convenient area for positioning the WAF in order to take the get the best out of it. In my case, we chose a WAF appliance, and it’s crucial where to put it. For instance, we chose to deploy it downstream from the load balancing network infrastructure for various reasons. One of them was to enable the WAF to see the private IP addresses that a vulnerability assessment tool in the private DMZ would see in order to use the WAF as an application firewall and as a virtual patching tool either.
Which version of this solution are you currently using?