Forum Discussion
Amit_Karnik
Aug 28, 2015Nimbostratus
If your organization is sending traffic to other web-servers, then I would not do any WAF. The WAF is protecting the final web-servers from any potential attacks within the http content.
In this case, the web-servers are in another 3rd party organization. You would end up using your resources to sanitize/secure the http requests sent to those servers.
So I would not do it.
Having said that, there might be situations in which you might want it for response validations for information leakage, etc.
cheers.