Mahmoud_Eldeeb_
Apr 28, 2014Cirrostratus
Do I need ASM ??
Actually I have two level of firewalls (external firewall-PAlo Alto & Internal Firewall- Juniper-SRX). do I need to run ASM module as well ? does it add value to my network?
ASM is an application firewall as opposed to the network based firewalls you listed from the other vendors.
While they may have some IPS (Intrusion Prevention) or IDS (Intrusion Detection) capabilities, they can not truly protect your web based applications from zero day attacks. A WAF (Web Access Firewall) is the category that ASM falls into, and these technologies allow you to configure a "positive security" model where you only allow known acceptable requests from getting in as opposed to block bad requests that conform to a signature of sorts.