“Sure, the WAF can protect against some known attacks, and if you set it up the right way, it can attempt to detect and block other, unknown attacks — that is, if it’s configured aggressively enough.”
Yeah, you nailed it there. The WAF will just go the same route as the network-based firewall: open a connection here, open up a port there, and eventually the firewall is letting in much more than it is actually blocking.
Unfortunately, I see the WAF going the same way. A very cautious approach will be taken to any blocking actions, and once something breaks legitimate functionality it will be throttled back. This approach will not provide sufficient application security and pales in comparison to a quality source code review.
-Michael
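The "throttling back" described above, as an added illustration that is not part of Michael's comment or of the thread: a deliberately small WAF model in which each rule is a regex run over every request parameter, plus the per-parameter exclusions an operator typically adds after a false positive (the mechanism real WAFs expose as rule-removal-by-target). The traffic, the rules and the `/search` endpoint are constructed for the example; it contrasts the usual response (exclude the parameter) with the one that keeps the attack blocked (narrow the rule).

```python
import re

# Added example, not code from the thread. A minimal WAF: each rule is a regex
# applied to every request parameter value; any hit blocks the request.
DEFAULT_RULES = [
    ("sqli-union", re.compile(r"\bunion\b.+\bselect\b", re.I)),
    ("sqli-comment", re.compile(r"(--|/\*)", re.I)),
    ("sqli-tautology", re.compile(r"'\s*or\s+'?\d+'?\s*=\s*'?\d+", re.I)),
]

# Constructed traffic: one legitimate search that trips the union rule, and one
# real injection attempt against the same parameter.
LEGIT = {"path": "/search", "params": {"q": "trade union select committee minutes"}}
ATTACK = {"path": "/search", "params": {"q": "' UNION SELECT username, password FROM users--"}}


def inspect(request, exclusions=frozenset(), rules=DEFAULT_RULES):
    """Return the names of the rules that fire on this request.

    exclusions is a set of (path, parameter) pairs for which the operator has
    switched inspection off after a false positive, i.e. the "throttling back".
    """
    hits = []
    for name, value in request["params"].items():
        if (request["path"], name) in exclusions:
            continue  # nothing is inspected on this parameter any more
        for rule_name, pattern in rules:
            if pattern.search(value):
                hits.append(rule_name)
    return hits


def blocked(request, exclusions=frozenset(), rules=DEFAULT_RULES):
    return bool(inspect(request, exclusions, rules))


# Response 1, the usual one: exclude the parameter so the search page works again.
EXCLUDE_SEARCH_Q = frozenset({("/search", "q")})

# Response 2: keep inspecting, but narrow the rule so ordinary prose containing
# "union" and "select" no longer fires; require the payload to first close a
# quoted or parenthesised SQL value, which a real injection has to do.
TIGHTENED_RULES = [
    ("sqli-union", re.compile(r"['\")]\s*union\b.+\bselect\b", re.I)),
] + DEFAULT_RULES[1:]


def compare_responses():
    """Return (legit search blocked, injection blocked) for each configuration."""
    return {
        "default": (blocked(LEGIT), blocked(ATTACK)),
        "excluded": (blocked(LEGIT, EXCLUDE_SEARCH_Q), blocked(ATTACK, EXCLUDE_SEARCH_Q)),
        "tightened": (blocked(LEGIT, rules=TIGHTENED_RULES), blocked(ATTACK, rules=TIGHTENED_RULES)),
    }


if __name__ == "__main__":
    for state, (fp, tp) in compare_responses().items():
        print(f"{state:9s}  blocks legit search: {fp!s:5s}  blocks injection: {tp}")
```

The "excluded" row is the state the comment predicts: the false positive is gone, and so is every rule on that parameter, which is exactly where the attacker is aiming. The "tightened" row costs more operator time per incident, which is why exclusions win in practice.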