0

I am not of the IS field and hence reference this to the experts here - My question regards to defending a server from a Brute Force Attack (BFA) with 2 Web Application Firewalls (WAFs). The question can actually be comprised of the following 2 questions:

  1. Is it usually possible? (shouldn't there be some kind of obvious conflict)?

  2. Is it common in the "industry"?

The reason I ask this is my curiosity to know if this could suffice extra security or at least as alternative defense in case one WAF malfunctions because of a temporary bug or a breach that isn't occurring in the other WAF.

1 Answers1

1

This is not common at all, but certainly possible.

When you choose a set of protections for something, you have to balance the costs and benefits against the risks and threats that you have identified.

In this case, you would have to weigh the costs of installing, configuring, and running a 2nd WAF against the possibility of the first WAF having an unknown bug. Typically, this is seen as too costly for the risk. But you have to make that calculation for yourself.

The thing for WAF is that you would have to place them in series (one after the other), which means the 2nd WAF isn't going to be doing much protecting at all under normal conditions, but still needing to do all the work of the 1st WAF.

So, if you want to add protections in case one WAF fails, I'd look at other options (like alerting) instead of a 2nd in-line WAF.

schroeder
  • 129,372
  • 55
  • 299
  • 340