CLOUDy WAF
Agenda
• What, Where, Why and When?
• Introducing CLOUDy WAF
• Key Features, Business Benefits and Differentiation
• CLOUDy WAF Management
• Model Offering and Technical Specifications
• Summary
Why?
• Prevent credit card fraud through increased controls around data and its exposure to compromise
• Applies to all organizations that hold, process, or pass cardholder information
Web Application Security Threats Statistics: most prevalent vulnerabilities (chart; source: http://www.webappsec.org/projects/statistics/, 2007)
Common Web Application Threats
• SQL injection
• Cross-site scripting
• Parameter tampering
• Hidden field manipulation
• Session manipulation
• Cookie poisoning
• Stealth commanding
• Backdoor and debug options
• Application buffer overflow attacks
• Brute force attacks
• Data encoding
• Unauthorized navigation
• Gateway circumvention
• Web server reconnaissance
• SOAP and Web services manipulation
Web Applications Facts
• A Web Application consists of several sub Web Applications
• Each sub Web Application is a large collection of Web Pages
• Web Applications are complex, and some parts are more complex than others
• Web Applications are:
  • Exposed to virtually everyone
  • Easy to exploit: all you need is a Web browser
Web Applications Facts: What do they mean?
• Not all sub Web Applications are vulnerable to the same threats
• Detecting a wide range of vulnerabilities in Web Applications is a CPU- and memory-demanding task
• Web Application complexity implies complex WAF configuration
What does a WAF do?
• Mitigates brute force attacks
• Maintains parameter validity
• Ensures users walk through a legitimate path
• Secures user sessions
• Detects unauthorized content in outbound reply messages
Introducing Radware AppWall
Radware AppWall
• AppWall is a Web Application Firewall (WAF)
• AppWall secures Web Applications and enables PCI compliance
• AppWall detects threats, blocks attacks and generates events
• An integral part of the Radware ADC solution
• Helps organizations meet regulatory requirements
AppWall Differentiators
• Minimal time to protection through out-of-the-box security policies
• Precise security coverage through fine-grained policy control while optimizing resource usage
• Integral part of the Radware ADC solution
• Standardized on the OnDemand Switch hardware platform
• Unique “pay-as-you-grow” scalability by device
• Automatic protection level escalation:
  • When an AppWall cluster is deployed
  • When several AppWall devices are deployed in different locations in the organization
AppWall Advantages
• Easy to configure through Learning Mode with Auto Configuration
• Complete alerting, forensics, and reporting capabilities
• Integration with leading Enterprise Management Systems: Syslog, ODBC, SMTP, OPSEC
• Highly performing – sub-millisecond latency
• Comprehensive, simplified management: the configuration and learned data can be centrally synchronized to all devices
Highly Performing WAF
• Fine-grained security enforcement based on Application Paths configuration
• Define an optimized Security Policy per Application Path
• Dynamically adapt to the needs of the application, resulting in:
  • Inspection of exactly what is required
  • Optimized application performance
  • Optimized system
• No limit on the number of AppWall Cluster members
• Performance scalability based on the requirements of the application
• Introduce more inspection power over time, controlling costs
AppWall Events Dashboard
Events Statistics
Comprehensive Security Filters Coverage
• Vulnerabilities Security Filter: validates HTTP requests using rule-based (signature-based) validations that detect a variety of application-layer security threats
• Brute Force Security Filter: protects against brute force attacks by creating action rules and blocking the IP addresses of potential attackers
• Database Security Filter: validates HTTP request parameters by detecting harmful SQL command injections
• HTTP Methods Security Filter: validates that the HTTP request methods are approved
• Files Upload Security Filter: validates that file uploads and uploaded-file access methods are approved
• Safe Reply Security Filter: detects information disclosure and unauthorized content in outbound reply messages, such as credit-card and Social Security numbers
• Session Security Filter: prevents remote users from manipulating session state information and submitting it to the Web Application
• Allow List Security Filter: validates that HTTP requests are approved
• Path-Blocking Security Filter: validates whether the path in an HTTP request is forbidden, such as unauthorized attempts to access common files and folders
• Global Parameters Security Filter: validates that HTTP request parameter values are acceptable according to listed global definitions
• Parameters Security Filter: validates that HTTP request parameter values are acceptable according to listed definitions
• Web Services Security Filter: validates that services and operations are approved
• XML Security Filter: validates the XML body of POST requests and parses XML-encapsulated values into parameters for distribution to subsequent Security Filters for validation
• Logging Security Filter: logs HTTP headers and bodies for tracking
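One way a Safe Reply filter can catch card numbers leaking in an outbound reply, as an added example written for this page rather than AppWall's own code: candidate digit runs are checked with the Luhn algorithm to cut false positives, then either masked to the last four digits or the whole reply is blocked. The regex, function names, the mask/block modes and the sample reply body are assumptions constructed for the example.

```python
import re

# Candidate PAN: 13 to 19 digits, optionally separated by single spaces or dashes,
# and not embedded in a longer digit run. The pattern is an assumption for this example.
_PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_ok(digits: str) -> bool:
    """True if the digit string passes the Luhn checksum used by card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right, fold >9 back to one digit
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def _strip(raw: str) -> str:
    """Remove the separators a PAN may be printed with."""
    return re.sub(r"[ -]", "", raw)

def find_pans(body: str) -> list[str]:
    """Return the Luhn-valid card numbers found in a reply body, digits only."""
    return [_strip(m.group()) for m in _PAN_RE.finditer(body)
            if luhn_ok(_strip(m.group()))]

def mask_pan(digits: str) -> str:
    """Keep only the last four digits, the usual PCI DSS display form."""
    return "*" * (len(digits) - 4) + digits[-4:]

def safe_reply_filter(body: str, mode: str = "mask") -> tuple[str, list[str]]:
    """Inspect an outbound reply body. mode='mask' redacts each PAN in place;
    mode='block' replaces the whole body. Returns (new_body, pans_found)."""
    pans = find_pans(body)
    if not pans:
        return body, []
    if mode == "block":
        return "403 Forbidden: reply blocked by Safe Reply filter", pans

    def _redact(m):
        digits = _strip(m.group())
        return mask_pan(digits) if luhn_ok(digits) else m.group()

    return _PAN_RE.sub(_redact, body), pans

# Constructed sample reply: the 13-digit order number fails Luhn and is left alone;
# the Visa test number 4111 1111 1111 1111 passes and is masked.
SAMPLE_BODY = ("<html><body>Order 1234567890123 confirmed.\n"
               "Card on file: 4111 1111 1111 1111</body></html>")
```

The Luhn step is what keeps order numbers, timestamps and other long digit runs from being redacted; a real filter would add the same treatment for Social Security number formats.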
Model Offering and Technical Specifications
• Latency < 1 millisecond
• Deployment mode: reverse proxy
• Unique capability in the WAF segment
• Highly granular policy creation per application path
• Policy modification per application change
• Anti-crawler and anti-scraper solution
• Folder access restriction
• Application mapping
• Threat analysis
Summary
Radware AppWall is a Web Application Firewall (WAF) securing Web Applications and enabling PCI compliance, offering:
• Comprehensive Web Applications security coverage
• Simple deployment and configuration
  • Easy to install – out-of-the-box security deployment
  • Easy to configure – learning mode with auto configuration
• Integrated with the Radware ADC Solution
• “Pay-as-you-Grow” scalability through cluster support
• Highly performing WAF
• Complete alerting, forensics, and reporting