Hi Community,
I am new to Imperva products, so my question may have an obvious answer - if so please just show me to the section in the documentation :)
My customer is using Imperva Cloud WAF and now they are about to implement a custom compression algorithm. The algorithm will essentially use its knowledge of the data to effectively transform it. The client will compress the data and the server will decompress it before it reaches an API endpoint.
Now the tricky question I am struggling with is where to put the decompression. Putting it in front of WAF is difficult because SSL is not yet terminated. So in order to decompress before WAF we will need to terminate the SSL, decompress, re-SSL again, and send to WAF - this looks very complex and redundant.
If we put it behind WAF, then WAF will be less effective because it wouldn't understand the contents of the package and miss attack patterns.
An ideal scenario for me seems to be some sort of integration where we could decompress and rewrite the content, and WAF would check the decompressed message. Is this something that is possible to implement? Or are there other ways to solve the same need?
Thank you for all the help.
#CloudWAF(formerlyIncapsula)------------------------------
Anton Baranenko
Join the Dots BV
Huldenberg
------------------------------