F5 AdvancedWAF FERNAOconnect2018 PDF
Apps And Identities: Initial Targets In 86% Of Breaches
[Chart: Web App Attacks; User / Identity 33%; Physical 11%; Other (VPN, PoS, infra.) 3%]
Fix vulnerabilities
Stop web attacks
Risk & compliance
What is the OWASP Top 10?
Top 10 is a broad consensus on the most critical web application security flaws
Here’s the
or developers
WAFs can be an alternative to code review
Non-API users
Self-selected use: Tech savvy consumers, Innovators, Disruptors
Enterprise use: Business partners, Distribution partners, Suppliers
Product integration: Business partners, Product ecosystem, Tech-savvy consumers
Digital
experience
Mobile Open Web B2B APIs Product
Web
APIs APIs
Internal
API
ADVANCED WAF
• PROACTIVE BOT DEFENSE
• APP-LAYER ENCRYPTION
• ANTI-BOT MOBILE SDK
• BEHAVIORAL DDOS
Automation
Users
credentials Authentication Protection
Mobile Credential Encryption
Hacker
Bots Data Center Interconnect Cloud
Problem:
• Criminals are performing account takeover by stealing account credentials via malware
Solution:
• App-level credential encryption
• Anti-bot mobile SDK
• Credential Stuffing protection
• Brute force protection
Benefits:
• Prevent the use of dumped credential databases (credential stuffing)
• Prevent the theft of user credentials (credential harvesting)
• Protect mobile apps - Identify and pass only the desired mobile applications.
DDoS 101 – The Targets
• Volumetric Attacks on Bandwidth
• Attacks on Server stack. Low and Slow.
DDoS Managed Service
Solution:
• Always-on protection with on-premises hardware
• Mitigate with layered defense strategy and cloud services
• F5 SOC monitoring with portal
• Protect against all attacks with granular control
• Eliminate time-consuming manual tuning with machine learning
Benefits:
• On-premise hardware acts immediately and automatically to mitigate attacks.
• Silverline cloud services minimize the risk of larger attacks crippling your site or applications
[Diagram: Silverline Always On; under attack; Communication (signaling); On-Premises; Layer 3 DDoS Protection; Layer 7 DDoS Protection; Core; DDoS Hybrid Defender; Users; Advanced WAF. Option: consolidate into a single layer 3-7 solution]
F5 Advanced WAF
Protect against bots, credential attacks, and app-layer DoS
Key Benefits:
• Protects Web and mobile apps from exploits, bots, theft, app-layer DoS
• Prevent malware from stealing data and credentials
• Prevent Brute Force attacks that use stolen credentials
• Eliminate time-consuming manual tuning for App-layer DoS protection
Defend against bots
• Proactive bot defense
• Anti-bot mobile SDK
• Client and server monitoring
Protect apps from DoS
• Auto-tuning
• Behavioral analytics
• Dynamic signatures
[Diagram: Anti-bot Mobile SDK; F5 Advanced WAF]
THE CHANGING DYNAMICS
OF APPLICATION SECURITY
Maximizing Value From Your WAF
Cloud Cloud Licensing
Enterprise BYOL Per-App-VE Licensing Add-on
Marketplace Program
VIPRION BIG-IP (Upgrade only) BIG-IP
F5 Silverline F5 Managed F5 Fraud Services
Managed
Rules for
Services WAF Managed WAF Express DDoS Protection WebSafe MobileSafe
AWS WAF
WAF (WEB APPLICATION FIREWALL)
• ENTERPRISE PROTECTION
• REGULATORY COMPLIANCE
• VA / DAST INTEGRATIONS
• MOST EFFECTIVE OWASP 10
• VOLUMETRIC MITIGATION
RASP (Run-time Application Self Protection)
• APP PROTECTION INSTANCE
• POST WAF, IPS, IDS
• INSIDE APP OR SERVER
• APP LANGUAGE DEPENDENT
• UP TO 10% PERF. REDUCTION
CODING
MITIGATE
BUG FIXES IPS BOT PROTECTION
DEVELOPMENT PRODUCTION