A Study on Comparison of Network Location Efficiency of Web Application Firewall
Keywords:Web Application Firewall, In-Line Type, Port Redirection Type
This paper proposes a method to optimize the performance of web application firewalls according to their positions in large scale networks. Since ports for web services are always open and vulnerable in security, the introduction of web application firewalls is essential. Methods to configure web application firewalls in existing networks are largely divided into two types. There is an in-line type where a web application firewall is located between the network and the web server to be protected. This is mostly used in small scale single networks and is vulnerable to the physical obstruction of web application firewalls. The port redirection type configured with the help of peripheral network equipment such as routers or L4 switches can maintain web services even when physical obstruction of the web application firewall occurs and is suitable for large scale networks where several web services are mixed. In this study, port redirection type web application firewalls were configured in large-scale networks and there was a problem in that the performance of routers was degraded due to the IP-based VLAN when a policy was set for the ports on the routers for web security. In order to solve this problem, only those agencies and enterprises that provide web services of networks were separated and in-line type web application firewalls were configured for them. Internet service providers (ISPs) or central line-concentration agencies can apply the foregoing to configure systems for web security for unit small enterprises or small scale agencies at low costs.
 Lee ST, LEE BK, â€œWeb Security Threat and Security in the Cloud Computing Using Web Application Firewallâ€, Institute of Control, Robotics and Systems, Vol. 2012, No. 7, (2012), pp. 239-248.
 Noh SC, Jun IS, Kim KN, â€œVerification Method of Insuring Web Application Securityâ€, Journal of Information and Security, Vol. 3, No. 2, (2003), pp. 11-20.
 Jang SM., Won YH. â€œDesign and Implementation of a Web Application Firewall with Multi-layered Web Filterâ€, Journal of the Korea Society of Computer and Information, Vol 14, No.12, (2009), pp. 157-167.
 http: //www.owasp.org, last visit: 02.06.2018.
 Kim JS, â€œA Study on the improvement for Authentication and Session Management in Web Applicationâ€, Master. Thesis, Korea University, Seoul, Republic of Korea, 2005.
 Chang MS, Lee JI, â€œHarmful Traffic Analysis of Web Applicationâ€ The Korean Entertainment Industry Association, Vol. 2, No. 1, (2008), pp. 74-77.
 Makiou, Abdelhamid S, Ahmed B, Youcef, â€œToward a Novel Web Application Firewalls Architectureâ€ Journal of Information Assurance and Security, Vol. 10, No. 4, (2015), pp.164-173.
 Baranov, Petr AB, Eldar R, Hong, â€œSecuring Information Resources Using Web Application Firewallsâ€, BIZNES INFORMATIKA-BUSINESS INFORMATICS, Vol. 34, No. 4, (2015), pp. 71-78.
 Monitorapp Tech Center, https://blog.naver.com/monitorapp_co/, last visit: 05.06.2018.