TippingPoint
Showing results for 
Search instead for 
Do you mean 

NIPS vs. WAF

Highlighted
Occasional Contributor

NIPS vs. WAF

I would like to understand to what extent a NIPS e.g. the TippingPoint 2500N and a WAF, e.g. the F5 ASM overlap in their functions.

I think the WAFs strength is

- when it sits in front of the Web Application

- when it acts as a reverse-proxy and SSl-endpoint

- when it is used for user authentication

- when it manages the session between browser and application and detects attacks on the session handling

- when it can manipulate/rewrite data in HTTP(S) connection

- its ability to analyze layer 7 web application logic

 

Is that all correct? How good is the 2500N in doing a WAFs job in protection web apps?