There are many unique challenges and pieces to application security that most devices today are not able to provide. Most enterprises still want to provide application security with just a Web Application Firewall, ignoring the rest of the application security puzzle or leaving those duties to existing security appliances and controls. While technically a viable option, this single-point architecture will start to unravel as security is required for non-HTTP application protocols, such as email, instant messaging, and VoIP. In order to provide a true, robust, and complete application security solution, three critical issues must be addressed. This white people lists and details those issues.