Introduction to F5 Silverline Web Application Firewall (WAF)

April 2015

© F5 Networks, Inc 2

Today’s application infrastructure

Most applications are

Web applications

Cloud and SaaS

based applicationsare being deployed more than,

and faster than, ever before

Users are going

Mobile

© F5 Networks, Inc 3

Customers need a more operationally and cost efficient way to protect web applications across multiple environments without scaling

out IT infrastructure and staff.

Maintain

compliance

(PCI DSS)

Defend against

Layer 7 attacks

Secure data

and web

applications

© F5 Networks, Inc 4

Recognized as the most scalable WAF on the

market

Deployed in more datacenters worldwide

than any other WAF

Now available as an enterprise-grade cloud-based service managed

by F5 Security

Operations Center (SOC) experts

F5’s web application firewall portfolioBuilt on BIG-IP ASM

VIPRION Platform BIG-IP Platform BIG-IP Virtual Edition F5 Silverline

WAF

© F5 Networks, Inc 5

Protect web applications and data from layer 7 attacks, and enable compliance, such as PCI DSS, with the Silverline Web Application Firewall service which is built on BIG-IP Application Security Manager and backed by 24x7x365 support from F5 experts.

Silverline Web Application Firewall (WAF)Proven security effectiveness as a convenient cloud-based service

Legitimate

User

L7 Protection:

Geolocation attacks, DDoS,

SQL injection, OWASP Top

Ten attacks, zero-day threats,

AJAX applications, JSON

payloads

Public Cloud Hosted Web

App

Private Cloud Hosted Web

App

VA/DAST Scans

Policy can be built from 3rd Party

DAST

Web Application Firewall Services

WAF

Cloud

Physical Hosted Web App

Attackers F5 Silverline

WAF

© F5 Networks, Inc 6

Key benefits

Reduce operating

costs

Protect web apps,

anywhere

Leverage proven

security efficacy

Rapidly deploy WAF

protections and drive

operational and cost

efficiencies by outsourcing

WAF policy management to

F5 security experts.

Protect web apps, no matter

where they reside with

consistent policies across

hybrid environments in

conjunction with BIG-IP

deployments.

Protect against critical web

attacks with an enterprise-

grade service built on BIG-IP

ASM which is recommended

by NSS Labs with 99.89%

overall security

effectiveness*.

Source: NSS Labs Web Application Firewall Product Analysis. F5 BIG-IP ASM 10200 V11.4.0. https://interact.f5.com/2015ALLF-NSS-Web-App-Firewall--Analysis-for-BIG-IP-ASM_2---

Reg.html

© F5 Networks, Inc 7

recommends BIG-IP ASM

Web Application Firewall when

compared with competitors:

Overall security effectiveness

%99.89

Minimal false positives%.124

Enterprise-grade protection against layer 7 geolocation attacks, DDoS, SQL injection, OWASP Top Ten attacks, zero-day threats, AJAX applications, and JSON payloads delivered as a convenient cloud-based service.

Leverage proven security efficacyAn enterprise-grade web application firewall service

Source: NSS Labs Web Application Firewall Product Analysis. F5 BIG-IP ASM 10200 V11.4.0. https://interact.f5.com/2015ALLF-NSS-Web-App-Firewall--Analysis-for-BIG-IP-ASM_2---

Reg.html

© F5 Networks, Inc 8

F5 security experts proactively monitor, and fine-tune policies to protect web applications and data from new and emerging threats.

• Expert policy setup

• Policy fine-tuning

• Proactive alert monitoring

• False positives tuning

• Detection tuning

• Whitelist / Blacklist Set up and monitoring

Availability & Support

Expert Policy Setup and Management

Active Threat Monitoring

Reduce operating costsby outsourcing WAF policy management to F5 SOC experts

F5 Security Operations Center

© F5 Networks, Inc 9

Protect web apps, anywhereEasily extend WAF protections to SaaS and cloud apps

Protect web apps, no matter where they reside with consistent policies and compliance across hybrid environments, in conjunction with BIG-IP deployments.