4 Replies Latest reply: Feb 6, 2013 10:02 AM by Troja RSS

    Reverse Proxy: MWG vs. Mykonos (Juniper)


      Hi everyone,

      has anyone some infos how this two products can be compared?




      Take a look at the video, sounds very interesting.


      Question: Can this features be realized with MWG? :-)




        • 1. Re: Reverse Proxy: MWG vs. Mykonos (Juniper)

          The Mykonos product looks really interesting but is a very different product than MWG.  MWG is traditionally a web proxy that protects your corporate users from visiting malicious sites, doing edge AV scanning, and content filtering, etc.  Mykonos protects your company websites from external hackers.

          • 2. Re: Reverse Proxy: MWG vs. Mykonos (Juniper)


            yes, you are absolutely right. But in more and more cases MWG is used as a reverse proxy. Not only to scan the webtraffic to sharepoint 201x, Microsoft OWA or different Webserivices, more and more customers want to secure theire "webentries" and websites.


            On every installation the customers want more features to secure theire websites. The first steps are done on mwg like XSite scripting and so on. We also implemented a Ruelset to prevent the websites from a high amount of requests from one client and so on.


            It would be intersting which features today or planned features will protect customer websites. :-)


            -  Are there any other features available today?

            -  Are there any upcomng features on MWG?

            -  Which McAfee product is able to secure websites?

            -  Which McAfee product can be compared with Mykonos?


            I think the technology from Mykonos is very interesting. Such or similar features would greately enhance the MWG product as well.




            • 3. Re: Reverse Proxy: MWG vs. Mykonos (Juniper)



              we had the discussion about "WAF" features a while ago on a customer meeting in Paderborn. I believe this is pretty interesting in general. I am not sure if there are any plans to move into this direction, but so far certainly you can apply all the features which work for forward proxy environments as well. Usually MWG is deployed as a reverse proxy to apply malware protection which we can do pretty good.


              You also named some examples on what is possible. Another nice option is to take the client IP address and run it against GTI. If the IP is known to be a bad guy (bad reputation) you can deny access to your protected website or (what I prefer) apply a very strict policy.


              Additionally MWG can add authentication to your web site and/or encrypt/decrypt the communication  between client and web server.


              Everything that can be built within regular expressions is possible, such as protection against SQL injections, etc. Currently we do not provide such lists due to lack of interest and lack of research capacities, at least within my group.


              To find out which products  can compete with Mykonos I recommend to talk to our sales departments - I believe most of the McAfee people here are MWG focussed :-)




              • 4. Re: Reverse Proxy: MWG vs. Mykonos (Juniper)

                Hi Andre,

                how can i check an IP-adress against GTI? Perhaps you have a short hint for me? :-)