Yes, you would definitely need a true WAF. In this case, the SEP IPS component would come into play and it's only as good as the signatures it has.
SEP IPS will catch xss/sql injection but that's only if a signature is available. XSS/SQL Injection can be maniuplated to get around traditional signatures. A true WAF will give you much more flexibility.
You could write custom IPS signatures in SEP, so this may help out more and let you be flexible as well.
About custom IPS signatures
Article:HOWTO80930 |
| |
Created: 2012-10-24 |
| |
Updated: 2013-01-30 |
| |
Article URL http://www.symantec.com/docs/HOWTO80930 |