F5 Networks' TrafficShield application firewall protects against common application security attacks

EDP Weekly's IT Monitor, July 25, 2005

F5 Networks, Inc., a leading application security services provider, has tested F5's TrafficShield web application firewall and found that it meets its expectations for a web application firewall. The tests were based on the OWASP (Open Web Application Security Project) Top Ten list of application vulnerabilities, which serves as the industry's de facto standard for measuring web application security. In the tests, TrafficShield was used to protect WebGoat, a J2EE application created by OWASP that contains built-in security flaws and is used both to test security products and as a security education tool.

"Web application firewalls can provide significant protection for both internal and external facing applications," says Jeff Williams, CEO of Aspect Security, and one of the original authors of OWASP's Top Ten list. "Traditional network firewalls can't do the job; you need a device that's specifically designed to protect against web application vulnerabilities. Our testing showed that F5's TrafficShield product significantly reduces the risk associated with common web application security attacks."