[sclug] Web Application Firewall?
Keith Edmunds
kae at midnighthax.com
Wed Sep 28 18:51:37 UTC 2011
On Wed, 28 Sep 2011 18:17:54 +0100, sapan.ganguly at gmail.com said:
> I've been told that I need to provide a web application firewall by
> the end of tomorrow.
Does the entity that told you to do this want the firewall implemented
properly? If so, why are they asking someone who doesn't know how to do
that, and imposing an arbitrary deadline? You also say that the IIS server
"needs some kind of extra protection": what kind of extra protection?
As usual, there are three parameters. The requester can have this:
- done quickly
- done cheaply
- done properly
The catch is, they only get to pick two of the above.
Which two do they want?
--
"You can have everything in life you want if you help enough other people
get what they want" - Zig Ziglar.
Who did you help today?
More information about the Sclug
mailing list