Do I really need a layer 7 Firewall if I change the architecture to use a VPN? If our clients connect to our services via a VPN, surely that would save costs of a WAF? Or am I missing something?
Asked
Active
Viewed 361 times
1 Answers
0
A WAF protects your web services and services behind your web. If you believe in zero trust then people logging into your vpn should not be trusted. Many believe vpn is a dying tool since it's often configured with poor segmentation. It's argued that a better alternative to vpn is to use cloud based apps that allow SAML or other methods of authentication/authorization along with 2 factor capabilities. Hope this helps.
dbroggy
- 338
- 4
- 7