Forum Systems Sentry WAF
November 01, 2011
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Advanced protection functions for web applications.
- Weaknesses: Expensive.
- Verdict: This one is pricey, but its feature set ameliorates that somewhat.
The Sentry WAF from Forum Systems is a full-feature web application firewall that provides comprehensive protection to almost any web application, including HTML, JSON, XML and SOAP. This product is designed to protect against the new threats facing complex web applications, and to keep the backend of those apps safe from being exploited by hackers.
We found it to be reasonably easy to install. The initial configuration is done through a terminal session and, at the end of a short wizard, the appliance has an IP address and all the basic configuration information needed to be deployed in the network. Once deployed, all further configuration is done via the easy-to-navigate, web-based interface.
This product offers a lot in terms of deployment flexibility. While the platform itself is a physical appliance, customers also can access a virtual appliance for deployment testing and development. Once the configuration is complete on the virtual appliance, it can be exported and then imported directly into the physical appliance. This functionality guarantees that policies are tested completely before being deployed in production.
Documentation includes well-organized and easy-to-follow installation and appliance administrator guides. The installation guide provides excellent detail on the setup process of the appliance and how to deploy it in the network, while the administrator guide offers in-depth configuration and management information.
Forum Systems lends support to customers through an agreement. Customers can purchase eight-hours-a-day/five-days-a-week or 24/7 assistance plans. Contracts also include access to an online portal that includes resources, such as a knowledge base, FAQ section and forum.
At a price of $64,000, this appliance is quite pricey for most organizations. However, we find it to be a good value for the money based on its comprehensive feature set and advanced application protection functions.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure