Hi all,
We have a MOVEit DMZ server running, which was recently under attack by the CL0P Ransomware Group.
They abused the MOVEit SQLi Zero-Day (CVE-2023-34362), which our firewall did not stop.
https://www.akamai.com/blog/security-research/moveit-sqli-zero-day-exploit-clop-ransomware
Since this server is public-facing, the solution of a WAF came to the table. I understand a WAF could have prevented this particular attack, so now I’m trying to judge which Cloudflare WAF solution I would need. There is currently a debate ongoing whether we need the Pro, Business or Enterprise solution. The price difference between Pro/Business and Enterprise is huge.
Can anybody tell me what would justify spending the amounts of Enterprise?
Some statistics about the server:
- Data movement is about 2 TB / month
- Max concurrent users is 50
- It’s an important server, but not mission critical; if it’s down for an hour, we will survive it
- It does not require a load balancer
So since we want at least some level of support and uptime, the choice will probably be Business or Enterprise.
Any recommendations or experience?
Thanks