F5 Networks: Introduction to Silverline WAF (web application firewall)
-
Upload
f5-networks -
Category
Technology
-
view
694 -
download
3
Transcript of F5 Networks: Introduction to Silverline WAF (web application firewall)
Introduction to F5 Silverline Web Application Firewall (WAF)
April 2015
© F5 Networks, Inc 2
Today’s application infrastructure
Most applications are
Web applications
Cloud and SaaS
based applicationsare being deployed more than,
and faster than, ever before
Users are going
Mobile
© F5 Networks, Inc 3
Customers need a more operationally and cost efficient way to protect web applications across multiple environments without scaling
out IT infrastructure and staff.
Maintain
compliance
(PCI DSS)
Defend against
Layer 7 attacks
Secure data
and web
applications
© F5 Networks, Inc 4
Recognized as the most scalable WAF on the
market
Deployed in more datacenters worldwide
than any other WAF
Now available as an enterprise-grade cloud-based service managed
by F5 Security
Operations Center (SOC) experts
F5’s web application firewall portfolioBuilt on BIG-IP ASM
VIPRION Platform BIG-IP Platform BIG-IP Virtual Edition F5 Silverline
WAF
© F5 Networks, Inc 5
Protect web applications and data from layer 7 attacks, and enable compliance, such as PCI DSS, with the Silverline Web Application Firewall service which is built on BIG-IP Application Security Manager and backed by 24x7x365 support from F5 experts.
Silverline Web Application Firewall (WAF)Proven security effectiveness as a convenient cloud-based service
Legitimate
User
L7 Protection:
Geolocation attacks, DDoS,
SQL injection, OWASP Top
Ten attacks, zero-day threats,
AJAX applications, JSON
payloads
Public Cloud Hosted Web
App
Private Cloud Hosted Web
App
VA/DAST Scans
Policy can be built from 3rd Party
DAST
Web Application Firewall Services
WAF
Cloud
Physical Hosted Web App
Attackers F5 Silverline
WAF
© F5 Networks, Inc 6
Key benefits
Reduce operating
costs
Protect web apps,
anywhere
Leverage proven
security efficacy
Rapidly deploy WAF
protections and drive
operational and cost
efficiencies by outsourcing
WAF policy management to
F5 security experts.
Protect web apps, no matter
where they reside with
consistent policies across
hybrid environments in
conjunction with BIG-IP
deployments.
Protect against critical web
attacks with an enterprise-
grade service built on BIG-IP
ASM which is recommended
by NSS Labs with 99.89%
overall security
effectiveness*.
Source: NSS Labs Web Application Firewall Product Analysis. F5 BIG-IP ASM 10200 V11.4.0. https://interact.f5.com/2015ALLF-NSS-Web-App-Firewall--Analysis-for-BIG-IP-ASM_2---
Reg.html
© F5 Networks, Inc 7
recommends BIG-IP ASM
Web Application Firewall when
compared with competitors:
Overall security effectiveness
%99.89
Minimal false positives%.124
Enterprise-grade protection against layer 7 geolocation attacks, DDoS, SQL injection, OWASP Top Ten attacks, zero-day threats, AJAX applications, and JSON payloads delivered as a convenient cloud-based service.
Leverage proven security efficacyAn enterprise-grade web application firewall service
Source: NSS Labs Web Application Firewall Product Analysis. F5 BIG-IP ASM 10200 V11.4.0. https://interact.f5.com/2015ALLF-NSS-Web-App-Firewall--Analysis-for-BIG-IP-ASM_2---
Reg.html
© F5 Networks, Inc 8
F5 security experts proactively monitor, and fine-tune policies to protect web applications and data from new and emerging threats.
• Expert policy setup
• Policy fine-tuning
• Proactive alert monitoring
• False positives tuning
• Detection tuning
• Whitelist / Blacklist Set up and monitoring
Availability & Support
Expert Policy Setup and Management
Active Threat Monitoring
Reduce operating costsby outsourcing WAF policy management to F5 SOC experts
F5 Security Operations Center
© F5 Networks, Inc 9
Protect web apps, anywhereEasily extend WAF protections to SaaS and cloud apps
Protect web apps, no matter where they reside with consistent policies and compliance across hybrid environments, in conjunction with BIG-IP deployments.