Radware AppWall Web Application Firewall February 2009

of 33

Please download to get full document.

View again

All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
33 pages
0 downs
Radware AppWall Web Application Firewall February 2009. Page 1. Agenda. Web Application Security Challenges Introducing Radware AppWall Key Features, Business Benefits and Differentiation AppWall Management Model Offering and Technical Specifications Summary. Slide 2.
Radware AppWall Web Application FirewallFebruary 2009Page 1Agenda
  • Web Application Security Challenges
  • Introducing Radware AppWall
  • Key Features, Business Benefits and Differentiation
  • AppWall Management
  • Model Offering and Technical Specifications
  • Summary
  • Slide 2Web Application Security ChallengesPage 3Security Breaches – It Happens To EveryoneSlide 4What is the Cost of being Attacked?January 19, 2008Hackers hit Scientology with online attack The Church of Scientology has been hit by online attackers calling themselves "Anonymous."March 24th, 2008 Microsoft confirms Word attacksMarch 22, 2008Supermarket Breach Calls PCI Compliance Into Question Hannaford Bros. exposed millions of credit and debit card numbers. April 1, 2008Advance Auto Parts store spills data to hackers56,000 credit card records stolenHackers Disable Tahoma SitePosted on: Sunday, 27 January 2008, 12:00 CST10 March 2008Pentagon cyber attack more serious than previously assumed The cyber attack on parts of the Pentagon network last June may have had more serious consequences for network security than previously publicized. Slide 5Web Attack StatisticsResearch shows that 70% of cyber attacks are performed at the Web application levelGartner125 million records have been compromised in 2007Identity Theft Center90% of public Web sites are vulnerable to attackWhiteHat Security70% of Web sites are vulnerable to cross-site scriptingAcunetixSlide 6Reported Web Application Vulnerabilities Source: The National Vulnerability Database - http://nvd.nist.gov/statistics.cfmSlide 7Web Application Risks
  • Potential damage:
  • Defacement
  • Client attacks
  • DoS/DDoS
  • Data manipulation / retrieval / deletion
  • Attack techniques:
  • SQL / Command injection
  • Cross-site scripting (XSS)
  • Cookie poisoning
  • Session hijacking
  • More….
  • Slide 8OWASP Top Ten ListOWASP (Open Web Application Security Project) is a worldwide free and open organization focused on improving the security of application software.More information: http://www.owasp.org/images/8/85/OWASP_Top_Ten.pptSlide 9Web Applications Security Threats Statistics (http://www.webappsec.org/projects/statistics/)Most prevalent vulnerabilitiesVulnerability frequency by TypesSlide 10Scoping the ProblemWeb applications are: Exposed to virtually everyoneEasy to exploit: all you need is a Web browserThe entire system is open to attackMinimal attention to security during developmentCan target different layers, components & software modulesTraditional protection techniques are inadequateAdvanced hacking tools such as HTTP Proxies are available onlineThousands of Web security vulnerabilitiesSlide 11Payment Card Industry (PCI)
  • Payment Card Industry (PCI) Data Security Standard (DSS) is a standard developed by the major credit card companies as a guideline to help organizations that process card payments prevent credit card fraud, hacking and various other security issues
  • Ensure that all Web-facing applications are protected against known attacks by applying either or both of the following methods:
  • Installing an application-layer firewall in front of Web-facing applications – Radware AppWall
  • Having all custom application code reviewed for common vulnerabilities by an organization that specializes in Application security and then fixing code
  • - from PCI DSS 1.1, section 6.6
  • Starting June 30, 2008 PCI DSS 1.1 section 6.6 is a major requirement in many countries across the globeSlide 12Introducing Radware AppWallPage 13Radware AppWallAppWall is a Web Application Firewall (WAF) securing Web Applications and enabling PCI complianceAppWall detects threats, blocks attacks and generates eventsAppWall intercepts and monitors all incoming and outgoing application-layer trafficAn integral part of Radware ADC solutionHelps organizations meet regulatory requirementsSlide 14Radware Application Delivery Solution
  • XML message acceleration
  • XML data admission control
  • XML service privacy & integrity
  • Web Services interoperability
  • Data CenterMessage Queuing SystemAppXMLPartners
  • High Availability with Real-time Failure Bypassing
  • Superior Global Load Balancing
  • Smart Health Monitoring and Failure Detection
  • QoS Bandwidth Management and Traffic-shaping
  • Scalability & Investment Protection
  • SSL offloading
  • HTTP compression
  • Caching
  • HTTP and TCP optimization & acceleration
  • MainframeESBAppDirector CustomersWeb & PortalServersDatabaseserversAppWallEmployees
  • Out-of-the-box security policies
  • Auto-configuration with learning mode
  • Alerting, forensics and reporting
  • Supporting WAF cluster deployment
  • Integration to 3rd party Enterprise Management Systems
  • & UsersApplication ServersSlide 15AppWall DifferentiatorsIntegral part of Radware ADC solutionStandardized on the OnDemand Switch hardware platformUnique, “pay-as-you-grow” scalability by deviceMinimal time to protection through out-of-the-box security policiesPrecise security coverage through fine grain policy control while optimizing resource usageAutomatic protection level escalationWhen AppWall cluster is deployedWhen several AppWall devices are deployed is different locations in the organization Slide 16AppWall AdvantagesEasy to configure through Learning Mode with Auto ConfigurationComplete alerting, forensics, and reporting capabilitiesIntegration to leading Enterprise Management SystemsSyslog, ODBC, SMTP, OPSECHighly performing – sub millisecond latencyComprehensive, simplified managementEnabling to centrally synchronize the configuration and learned data to all devicesSlide 17Highly Performing WAF
  • No limit on the number of AppWall Cluster members
  • Performance scalability based on the requirement of the application
  • Introducing more inspection power with time, controlling costs
  • Fine grain security enforcement based on Application Paths configuration
  • Define optimized Security Policy Per Application Path
  • Dynamically adapt to the needs of the application, resulting in:
  • Inspection of exactly what is required
  • Optimized application performance
  • Optimized system
  • Slide 18AppWall Events DashboardSlide 19Intuitive Management and Security LoggingSlide 20Events StatisticsSlide 21Negative & Positive Security Models Support Slide 22Comprehensive Security Filters Coverage
  • Vulnerabilities Security Filter
  • Validates HTTP requests using rule-based validations that detect a variety of application layer security threats (Signatures based).
  • Brute Force Security Filter
  • Protects against Brute Force attacks by creating action rules and blocking IP addresses of potential attackers
  • Database Security Filter
  • Validates HTTP requests parameters by detecting harmful SQL command injections
  • HTTP Methods Security Filter
  • Validates the HTTP request methods are approved
  • Files Upload Security Filter
  • Validates file uploads and uploaded file access methods are approved
  • Safe Reply Security Filter
  • Detects disclosure and unauthorized content in outbound reply messages, such as credit-card and Social Security numbers
  • Session Security Filter
  • Prevent remote users from manipulating sessions state information and submitting it to the Web Application
  • Slide 23Comprehensive Security Filters Coverage
  • Allow List Security Filter
  • Validates that HTTP requests are approved
  • Path-Blocking Security Filter
  • Validates in an HTTP request is forbidden, such as unauthorized attempts to access common files and folders
  • Global Parameters Security Filter
  • Validates HTTP requests parameters values are acceptable according to listed global definitions
  • Parameters Security Filter
  • Validates HTTP requests parameters values are acceptable according to listed definitions
  • Web Services Security Filter
  • Validates that services and operations are approved
  • XML Security Security Filter
  • Validates post request body XML and parses XML-encapsulated values into parameters for distribution to subsequent Security filters for validation
  • Logging Security Filter
  • Logs HTTP headers and bodies for tracking
  • Slide 24Model Offering and Technical SpecificationsPage 25AppWall Technical SpecificationsSlide 26Slide 26AppWall on OnDemand Switch 1 XL ModelsSlide 27Slide 27SummaryAny questions?Page 28SummaryHighly Performing WAFSlide 29Summary“Pay-as-you-Grow” Scalability through Cluster SupportHighly Performing WAFSlide 30SummaryHighly Performing WAFSimple Deployment,Fully Automatic ConfigurationSlide 31SummaryComprehensive Web Applications security coverageHighly Performing WAFSimple Deployment,Fully Automatic ConfigurationSlide 32SummaryRadware AppWall is a Web Application Firewall (WAF) securing Web Applications and enabling PCI compliance offering:Comprehensive Web Applications security coverageSimple deployment and configurationEasy to install – out-of-the-box security deployment Easy to configure – learning mode with auto configurationIntegrated with Radware ADC Solution“Pay-as-you-Grow” scalability through cluster supportHighly performing WAFComplete alerting, forensics, and reporting Slide 33
    Related Search
    We Need Your Support
    Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

    Thanks to everyone for your continued support.

    No, Thanks