• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Application firewall for HTTP / SQL

C

Cooky

Golden Member
We're detecting some SQL injection attacks against our web servers in the DMZ.
Is there any way we can enable application level protection for the server?

Even though we have "inspect http" enabled under the default global_policy policy-map, it's not able to stop the attacks.

Any advise?
We already have the GigE module in the expansion slot, so we can't deploy the IPS module.
 
You can try limiting the URL string length using the ASA if that is how the attack is coming in. Now, if it is coming in from a form on the page it is not going to work. Your best protection will be from a Web Application FW (WAF) which in the Cisco family would be the ACE XML Gateway/WAF.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top