A Study on Comparison of Network Location Efficiency of Web Application Firewall

 
 
 
  • Abstract
  • Keywords
  • References
  • PDF
  • Abstract


    This paper proposes a method to optimize the performance of web application firewalls according to their positions in large scale networks. Since ports for web services are always open and vulnerable in security, the introduction of web application firewalls is essential. Methods to configure web application firewalls in existing networks are largely divided into two types. There is an in-line type where a web application firewall is located between the network and the web server to be protected. This is mostly used in small scale single networks and is vulnerable to the physical obstruction of web application firewalls. The port redirection type configured with the help of peripheral network equipment such as routers or L4 switches can maintain web services even when physical obstruction of the web application firewall occurs and is suitable for large scale networks where several web services are mixed. In this study, port redirection type web application firewalls were configured in large-scale networks and there was a problem in that the performance of routers was degraded due to the IP-based VLAN when a policy was set for the ports on the routers for web security. In order to solve this problem, only those agencies and enterprises that provide web services of networks were separated and in-line type web application firewalls were configured for them. Internet service providers (ISPs) or central line-concentration agencies can apply the foregoing to configure systems for web security for unit small enterprises or small scale agencies at low costs.

     

     


  • Keywords


    Web Application Firewall, In-Line Type, Port Redirection Type

  • References


      [1] Lee ST, LEE BK, “Web Security Threat and Security in the Cloud Computing Using Web Application Firewall”, Institute of Control, Robotics and Systems, Vol. 2012, No. 7, (2012), pp. 239-248.

      [2] Noh SC, Jun IS, Kim KN, “Verification Method of Insuring Web Application Security”, Journal of Information and Security, Vol. 3, No. 2, (2003), pp. 11-20.

      [3] Jang SM., Won YH. “Design and Implementation of a Web Application Firewall with Multi-layered Web Filter”, Journal of the Korea Society of Computer and Information, Vol 14, No.12, (2009), pp. 157-167.

      [4] http: //www.owasp.org, last visit: 02.06.2018.

      [5] Kim JS, “A Study on the improvement for Authentication and Session Management in Web Application”, Master. Thesis, Korea University, Seoul, Republic of Korea, 2005.

      [6] Chang MS, Lee JI, “Harmful Traffic Analysis of Web Application” The Korean Entertainment Industry Association, Vol. 2, No. 1, (2008), pp. 74-77.

      [7] Makiou, Abdelhamid S, Ahmed B, Youcef, “Toward a Novel Web Application Firewalls Architecture” Journal of Information Assurance and Security, Vol. 10, No. 4, (2015), pp.164-173.

      [8] Baranov, Petr AB, Eldar R, Hong, “Securing Information Resources Using Web Application Firewalls”, BIZNES INFORMATIKA-BUSINESS INFORMATICS, Vol. 34, No. 4, (2015), pp. 71-78.

      [9] Monitorapp Tech Center, https://blog.naver.com/monitorapp_co/, last visit: 05.06.2018.


 

View

Download

Article ID: 21009
 
DOI: 10.14419/ijet.v7i3.33.21009




Copyright © 2012-2015 Science Publishing Corporation Inc. All rights reserved.