Syrinx Technologies
FOLLOW US
  • Home
  • Company
  • Services
    • Services List
    • Testimonials
  • Blog
  • Publications
    • Podcasts
    • Articles
    • Presentations
  • FAQ
    • FAQ Blog
  • Contact

Q: Is there a difference between an IDS/IPS and a Web Application Firewall (WAF)?

1/14/2013

1 Comment

 
A: Yes, there are definite differences between the two. IDS/IPS systems are typically either signature-based or behavior-based. Sometimes the functionality is built into devices such as firewalls and routers, other times they are built into blades that fit into a larger chassis. They can act as network or host-based protection controls. Sometimes they are used as separate appliances with one or multiple network interfaces. While IDS/IPS systems are designed to provide a higher layer of security over a basic firewall, they do not typically understand or protect against application layer attacks such as SQL Injection, XSS, etc. This reason is why the PCI standard requires a WAF to protect Internet-facing web servers instead of just a firewall with IDS/IPS capabilities.
1 Comment
devendra mhatre
8/10/2018 09:14:50 am

thanks for this details...but my question is....Why WAF is hiding External source IP? when we are getting logs....WAF is hiding external source IP and providing WAF IP as an External source IP in logs? Why this is happening when alert is triggered?

Reply



Leave a Reply.

    Categories

    All
    Applications
    Dial-In
    General Topics
    Pci
    Policies And Procedures
    Social Engineering
    Syrinx Technologies
    Virtualization
    Wireless

    RSS Feed

Powered by Create your own unique website with customizable templates.