I do not need a solution (just sharing information)
Can anyone comment on the effectiveness of the Symantec Endpoint Protection 12.1 firewall function on a server with a public facing website? Does it effectively function as a WAF? (Web Application Firewall) Or is a true WAF a product that is more specifically tailored for deployment on a server hosting public websites? I'm looking to provide protection against malware attacks (sql injection / css scripting) developed to exploit the encryption (https / ssl) environment. IPS and Firewall work on non-encrypted traffic and via access-list rules, but ours are not encrypted traffic smart.