WAFs Big in Japan

Submitted by Ofer Shezaf on 5 May 2009 - 10:24am

The recent RSA conference in San Francisco brought announcements of two new WAF products from Japanese vendors. Both NEC and Fujitsu chose the conference to launch their WAF offerings. This is an indicator that the WAF market is gaining momentum in Japan.

NEC's announcement is somewhat concerning, as our analysis shows that while SiteShell is sold as a WAF, it may not qualify as one but rather as an HTTP-aware IPS. SiteShell is based solely on signatures and does not offer a positive security model, which is a required feature of a WAF. You can read more about the difference between an HTTP-aware IPS and a WAF in our article about alternatives to WAFs.

SiteShell is a host-based solution that supports IIS, Apache and WebLogic. It is sold as an annual subscription for $8,000.

While the NEC brand name may provide some benefit, we encourage you to explore more complete and cheaper host-based WAF solutions, such as ModSecurity (open source, for Apache) or Applicure (IIS and Apache). Both focus on signature-based protection but also support a positive security model, which allows virtual patching of custom applications.
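The difference between a signatures-only product and one with a positive security model, as discussed in the two paragraphs on SiteShell and its alternatives, can be shown with a small comparison. This is an added example, not code from any of the products named; the signatures, the `/account/view` profile and the sample requests are constructed for illustration.

```python
import re

# Negative model: deny only what matches a known-bad pattern (constructed signatures).
SIGNATURES = [re.compile(p, re.I) for p in (r"<script\b", r"\bunion\s+select\b", r"\.\./")]

# Positive model: constructed profile of one hypothetical endpoint, listing
# the parameters it accepts and the exact format each value must have.
PROFILE = {
    "/account/view": {
        "id": re.compile(r"[0-9]{1,10}"),
        "lang": re.compile(r"[a-z]{2}"),
    }
}

def signature_verdict(path, params):
    """Signature check: everything is allowed unless a value looks known-bad."""
    for value in params.values():
        if any(sig.search(value) for sig in SIGNATURES):
            return "deny"
    return "allow"

def positive_verdict(path, params):
    """Positive model: everything is denied unless the profile describes it."""
    rules = PROFILE.get(path)
    if rules is None:
        return "deny"  # URL has no profile
    for name, value in params.items():
        rule = rules.get(name)
        if rule is None or not rule.fullmatch(value):
            return "deny"  # unexpected parameter or malformed value
    return "allow"

# Constructed sample requests: (path, query parameters).
REQUESTS = [
    ("/account/view", {"id": "1042", "lang": "en"}),  # well-formed
    ("/account/view", {"id": "1042<script>"}),        # matches a signature
    ("/account/view", {"id": "1042abc"}),             # malformed, no signature hit
    ("/account/view", {"id": "1042", "debug": "1"}),  # parameter not in profile
    ("/account/export", {"id": "1042"}),              # URL not in profile
]

def compare():
    """Return (signature verdict, positive-model verdict) for each sample request."""
    return [(signature_verdict(p, q), positive_verdict(p, q)) for p, q in REQUESTS]

if __name__ == "__main__":
    for (path, params), verdicts in zip(REQUESTS, compare()):
        print(path, params, verdicts)
```

The last three requests pass the signature check because nothing in them is known-bad, while the profile rejects them because nothing describes them as good; a per-endpoint profile of this kind is what makes a virtual patch for a custom application possible.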

Fujitsu, on the other hand, stresses the differentiation between IPS and WAF in its announcement. The new WAF is a feature of Fujitsu's IPCOM UTM and load balancing solution, which targets it at the lower-end market. At this price range Fujitsu is competing with lower-end Barracuda models and Breach Security's commercial ModSecurity offering. The feature is sold for approximately $10,000 and is available as a firmware upgrade to existing IPCOM customers.

Incorporating WAF technology into a UTM is an interesting trend. Smaller companies usually do not host their web applications internally and are therefore less inclined to use a WAF. However, there is a consistent demand for lower-end WAF solutions detached from the data center, mostly in highly distributed organizations such as universities and local government. Such organizations often run departmental web servers that are served from local server rooms with minimal bandwidth requirements but still host sensitive information. It may not be the best security practice, but it is common and requires application-layer protection.
