cancel
Showing results for 
Search instead for 
Did you mean: 
farjad
Level 7

Mcafee Web gateway provide web application firewall capability?

I want to ask does McAfee web gateway web application firewall capability for protecting website from various attacks just like imperva and other vendors in this category. If yes please refer me any documentation or links.

Regards,

0 Kudos
3 Replies
Peacekeeper
Level 20

Re: Mcafee Web gateway provide web application firewall capability?

Moved to Web gateway forum for more chance of an answer

0 Kudos
btlyric
Level 12

Re: Mcafee Web gateway provide web application firewall capability?

MWG probably has the capability to handle web application analysis in the same way as you would expect from a product like Imperva in terms of analyzing the connections for specific criteria and then alerting, blocking or allowing based on that criteria, but the catch is that MWG does not have default configurations rules that you would find on a dedicated WAF. As a corollary, I can configure mod_security to perform WAF functions, but I'll have to make the effort to define every item/signature that I want to look for and/or find a good source for signatures.

So yes, the capability undoubtedly exists in terms of feature ability and traffic analysis ability, but the reality is that if you want to use MWG as a WAF you're going to have to do a lot of custom configurations as well as be an expert on every web attack that is possible so that you can define signatures/rules for that attack.

If there's some automatic MWG WAF rule set and or a WAF checkbox that I am not aware of, I'm sure someone will chime in with a clarification.

If there isn't and you need WAF functionality, you should define your requirements, analyze what your in-house staff can and cannot do and select the appropriate product based on that analysis.

Hope this helps.

0 Kudos
frank_enser
Level 12

Re: Mcafee Web gateway provide web application firewall capability?

Hi,

Web Gateway has no included intrusion detection/prevention capabilities. But as btlyric mentioned, you could build your own analysis rules, but this would be very time consuming, complex and error prone.

If you need IDS/IPS capabilities, try McAfee Network Security Platform.

Regards,

Frank

0 Kudos