Cloud Computing

TMCnews Featured Article

February 16, 2011

Open Source Web Application Firewall Unveiled by Qualys

By Calvin Azuri, TMCnet Contributor

In an announcement made by Qualys, the next-generation of web application firewall or WAF technology will be provided by a new open source project, IronBee.

Building a secure, high-performing, portable, and freely available WAF has been the aim of the new project. A set of rules to a HTTP conversation are applied by an appliance, server plug-in or software-based filter. This helps to monitor and control the movement of data. Data is therefore made secure from possible attacks. Many attacks can be identified and blocked by customizing the WAF rules.

Qualys is creating a sustainable community for commercial and open source contributors with the launch of IronBee. Companies of all sizes will be therefore able to protect their data and IT assets by using the next-generation WAF technology.

According to John Summers, VP of product management at Akamai Technologies, the company is excited about the IronBee project. In a release, Summers said, “Akamai and Qualys (News - Alert) share a vision that web security must evolve to become an intercommunicating ecosystem of controls located both in the cloud and within the user’s infrastructure. Akamai (News - Alert) looks forward to IronBee improving the industry’s ability to address the escalating number and sophistication of web application attacks.”

New processing tools and analysis for HTTP traffic will be provided by IronBee with a state-of-the-art application security inspection engine. IronBee will also provide Apache Software License v2. The key features of IronBee include portability, modular architecture and community collaboration.

In a release, Philippe Courtot, chairman and CEO of Qualys said, “Due to the proliferation of cloud computing and web applications, it is quite obvious that no single company alone can fight the sophistication of attacks we are now facing.”

Courtot added that the company can leverage the collective intelligence of the community with the introduction of an open source project, IronBee. A cloud-based WAF with a diverse rule set can be therefore built which will protect everyone against cyber attacks.

Calvin Azuri is a contributing editor for TMCnet. To read more of Calvin’s articles, please visit his columnist page.

Edited by Jennifer Russell