Throughout its more than 110-year history, Southern Utah University has evolved from a teacher training institution to a comprehensive university offering graduate and technical programs. In seeking to protect SUU’s extensive data, the Director of Web Applications at Southern Utah University chose to implement Profense, web application firewall (WAF). Following are the director’s comments regarding the university’s search for a WAF and his impressions of Profense.
What are the main reasons SUU decided to implement a Web application firewall?
The main reason just had to do with PCI compliance and our research around PCI specifications. We found out that we either had to have an outside security company validate our code or put our servers behind a web application firewall. I wasn’t really looking at one for PCI compliance specifically, but more for everything we need to protect against — SQL injection, cross-site scripting. It’s always good to put another layer of protection between you and the people out there trying to get into your server.
Why did you select Armorlogic’s Profense?
We had a Webex meeting with several companies and got some quotes. Most of the companies offered some type of dedicated appliance. The problem was that they were limited and most were priced on throughput. The products in our price range offered a throughput of 50 MB per second – which is a huge amount of http traffic. But I didn’t really like being limited on the amount of bandwidth that we could push through and being tied into their hardware. What I really liked about Profense is that it is a self-contained hardened platform that you install on your own hardware. This means I can upgrade my hardware anytime I want to and move the web application firewall easily. The other big advantage was that Profense is a proxy set-up and I have several Web servers. Some of the appliance companies touted the hardware solution, recommending that you put their hardware in line with your server. They do have some proxy capabilities, but it’s truly designed to be in front of the Web server and let traffic pass through it. I have servers throughout the campus and Profense lets me route all of the servers through a single proxy.
Have you ever been confronted with a web security breach?
Not that I am aware of, but that doesn’t’t mean it doesn’t happen. As soon as I turned on Profense, I started getting all the reports about what it’s blocking, like SQL injection and more — the real things that I wanted to block. I couldn’t believe that we were getting that kind of traffic.
How easy was it to install Profense?
The actual installation was very easy. Obviously, there was a bit of a learning curve associated with it, but that goes with any new product.
Were you happy with the knowledge and support provided by Armorlogic?
They have been very responsive to my emails and questions. I have been very happy with their support.
For questions or to directly contact the Southern Utah University as a reference, please email info@argoworks.com.
Argoworks is the west coast provider for Amorlogic Profense™ WAF. Contact us at (818)-532-1494 to answer any questions or arrange a free trial of Profense.
About Armorlogic
Armorlogic’s goal is to provide a cost e!ective way to proactively protect web sites, web applications, and their users from attack in a way that network firewalls and intrusion detection systems can not. Easy to install, maintain and use, Profense™ is used by thousands of businesses, governments and organizations all over the world to protect Internet facing applications, servers and data. To maximize protection and minimize maintenance and adjustment, Armorlogic believes that the positive security model should be the governing principle of IT security solutions.
Copyright 2009 Argoworks | Disclaimer: No rights can be derived from this web site content. Brands and Logos are property of its respective owners.
