
Application Trends and Drivers
Webification:
Web-based interfaces and connections are being applied to more and more
applications and devices.
Intelligent browsers are increasingly running on all sorts of platforms.
Targeted attacks on specific websites, applications and companies.
People and companies are more vulnerable as a result.

Attacks are Moving Up The Stack

ASM is a modular component of TMOS.


Benefits of TMOS:
Full reverse proxy
SSL acceleration
Digital certificate management
FIPS compliance
VLAN segmentation
Remote authentication and authorization
Enhanced logging
TCP/IP optimization
Connection pooling
IP/port filtering
Rate shaping
iRules

ASM is a WAF
WAFs are a necessity in today's computing environment.
All clients are at risk, regardless of their industry.

ASM as a WAF can:
Reduce operational costs on many levels.
Stop attacks.
Reduce the expense of meeting PCI security compliance requirements.
Virtually patch and mitigate application vulnerabilities in minutes.
Allow the security officer to make sure applications are secure without the
need for help from a development team.
Provide out-of-the-box application security policies.
Let the customer see what is being protected.

ASM in the network and common data flow

ASM monitors URLs for server latency, top accessed pages, and other statistics.

ASM in depth

Securing Applications
Options for securing applications:
Modify the application to repair identified vulnerabilities.
Implement point WAF solutions.
Use the ADC as a strategic point to secure both your application and your
data.

Approaches to securing applications

* ASM uses many layers of defense to protect against attacks at layers four
through seven of the OSI model.
* ASM first performs security checks for RFC compliance with the HTTP protocol.
* Provides protection from generalized and known application attacks, with
current, up-to-date signatures to ensure that customer applications are
protected.
* Defines a list of allowed file types, URLs, parameters, and their values.
* Guards against cookie poisoning.
* Looks at server-side responses and takes action as necessary.

Best Practices
1- Check server responses for information leakage.
2- Use an application-specific security policy, and make sure what is being
protected is clearly defined.
3- Log HTTP traffic for audit; after security measures have been implemented,
they should be audited.
4- Use a combination of positive and negative security models.
5- Always inspect both HTTP and HTTPS traffic to make sure content can be
validated.
6- Enforce security in a manner appropriate to the application. ASM provides the
flexibility to do that.

Traditional security devices vs. WAF

Web application firewall - ASM

Deployment and policy

Configuration of ASM
There are three types of traffic flow configuration:
1- SNAT
2- Routed
3- Bridged
* nPath is not supported by ASM, because nPath routing allows traffic to enter
the BIG-IP system from the client while the server responses are returned
directly to the client without being seen by the BIG-IP.

Policy Configuration
The core of the Application Security Manager functionality is the security policy.
ASM performs these steps:
1- Compares each received request to the active security policy.
2- Forwards compliant requests to the web application.
3- For a noncompliant request, generates a violation and then either forwards
the request or blocks it.
4- Checks responses from the web application:
a- Sends compliant responses to the client.
b- Noncompliant responses cause violations and may also be blocked.
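The four policy steps above, together with the layered checks listed under "Approaches to securing applications" (protocol sanity, allowed file types, URLs and parameters, attack signatures, cookie poisoning, response inspection) and the positive-plus-negative model from the best practices, as an added Python illustration. This is not part of these notes and not F5 ASM code: the policy fields, the violation names, the HMAC cookie tag, the transparent/blocking flag and the sample policy are all constructed for the example.

```python
"""Toy model of a WAF security-policy decision flow (constructed example, not
F5 ASM code). Walks through the steps the notes describe: compare each request
to the active policy, forward compliant requests, raise violations and block
(or, in transparent mode, only report) noncompliant ones, and check responses."""
import hmac
import hashlib
import re
from dataclasses import dataclass, field, replace
from urllib.parse import urlsplit, parse_qsl


@dataclass
class Policy:
    allowed_file_types: set   # positive model; "" stands for an extension-less path such as /
    allowed_urls: dict        # positive model; path -> {parameter: regex its value must match}
    signatures: list          # negative model; (name, compiled regex) run over parameter values
    leakage_patterns: list    # compiled regexes that mark information leakage in responses
    cookie_key: bytes         # HMAC key used to tag cookies so tampering is detectable
    blocking: bool = True     # False = transparent/staging mode: report violations, never block


@dataclass
class Request:
    method: str
    url: str
    cookies: dict = field(default_factory=dict)


def file_type(path):
    name = path.rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def cookie_tag(policy, name, value):
    """HMAC tag the WAF would attach (as <name>_tag) when the cookie was first set."""
    return hmac.new(policy.cookie_key, f"{name}={value}".encode(), hashlib.sha256).hexdigest()


def check_request(policy, req):
    """Return (action, violations); action is 'forward' or 'block'."""
    v = []
    parts = urlsplit(req.url)
    path = parts.path or "/"
    params = parse_qsl(parts.query, keep_blank_values=True)
    # Step 1: protocol sanity, standing in for the RFC-compliance checks
    if req.method not in {"GET", "POST", "HEAD"}:
        v.append("illegal_method")
    # Step 2: positive model - file type, URL and every parameter must be explicitly allowed
    if file_type(path) not in policy.allowed_file_types:
        v.append(f"illegal_file_type:{file_type(path) or '(none)'}")
    allowed_params = policy.allowed_urls.get(path)
    if allowed_params is None:
        v.append(f"illegal_url:{path}")
    else:
        for name, value in params:
            if name not in allowed_params:
                v.append(f"illegal_parameter:{name}")
            elif not re.fullmatch(allowed_params[name], value):
                v.append(f"illegal_parameter_value:{name}")
    # Step 3: negative model - known attack signatures over parameter values
    for name, value in params:
        for sig_name, sig in policy.signatures:
            if sig.search(value):
                v.append(f"signature:{sig_name}:{name}")
    # Step 4: cookie poisoning - each cookie must still match the tag issued with it
    for name, value in req.cookies.items():
        if name.endswith("_tag"):
            continue
        tag = req.cookies.get(name + "_tag", "")
        if not hmac.compare_digest(tag, cookie_tag(policy, name, value)):
            v.append(f"cookie_tampered:{name}")
    return ("block" if v and policy.blocking else "forward"), v


def check_response(policy, body):
    """Return (action, violations) for a server response, blocking information leakage."""
    v = [f"leakage:{p.pattern}" for p in policy.leakage_patterns if p.search(body)]
    return ("block" if v and policy.blocking else "forward"), v


# Constructed sample policy for a small catalogue application
SAMPLE_POLICY = Policy(
    allowed_file_types={"", "php"},
    allowed_urls={"/": {}, "/item.php": {"id": r"\d{1,6}"}, "/search.php": {"q": r"[\w ]{1,40}"}},
    signatures=[("sqli_or", re.compile(r"(?i)'\s*or\s+\d+=\d+")),
                ("xss_script", re.compile(r"(?i)<script"))],
    leakage_patterns=[re.compile(r"ORA-\d{5}"), re.compile(r"Stack trace")],
    cookie_key=b"constructed-demo-key-not-for-production",
)
# Same policy in transparent mode: violations are reported but nothing is blocked
TRANSPARENT_POLICY = replace(SAMPLE_POLICY, blocking=False)

if __name__ == "__main__":
    for url in ("/item.php?id=42", "/item.php?id=1' or 1=1", "/admin.php"):
        print(url, check_request(SAMPLE_POLICY, Request("GET", url)))
    print(check_response(SAMPLE_POLICY, "ORA-01017: invalid username/password"))
```

The positive checks (step 2) reject anything the policy does not explicitly know, which is what catches a new `/admin.php` or an unexpected parameter; the signature checks (step 3) catch known attack patterns even inside an allowed parameter. Running the same request through `TRANSPARENT_POLICY` shows why a staged policy is useful: the violations are still produced for review, but the request is forwarded.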

There are four basic methods customers can use for building policies:
1- Application-Ready Security templates
2- Rapid Deployment Policy
3- Policy Builder
4- Manual Policy Configuration

Application-Ready Security templates

Rapid Deployment (http)
Rapid Deployment (https)
SharePoint 2007 (http)
SharePoint 2007 (https)
OWA Exchange 2003 (http)
OWA Exchange 2003 (https)
Oracle Applications 11i (http)
Oracle Applications 11i (https)
Lotus Domino 6.5 (http)
Lotus Domino 6.5 (https)
OWA Exchange 2007 (http)
OWA Exchange 2007 (https)
SAP NetWeaver 7 (http)
SAP NetWeaver 7 (https)
PeopleSoft Portal 9 (http)
PeopleSoft Portal 9 (https)
Oracle 10g Portal (http)
Oracle 10g Portal (https)

Rapid Deployment Policy

Builds a baseline policy that senses the types of components that need to be protected.
Deploys with virtually no false positives.
Allows the customer to learn the mechanism at their own rate and then enable transparent,
semi-transparent, and full blocking.
About 80 percent of all attacks can be mitigated.
With additional configuration, the other 20 percent of attacks can also be mitigated.
Protects against attacks such as Layer 7 Denial of Service, brute force, web scraping, and
CSRF.
Staging mode allows a policy to run for a period of time without enforcement and blocking.

Policy Builder
1- Set up the policy.
2- Let the system automatically add entities to the security policy.
3- Let the system stabilize the security policy.
4- Let the system track site changes and update the policy.
5- Review the automatic policy building status.
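The Policy Builder steps above (automatic entity learning, stabilization, tracking of site changes, a status to review), as an added Python illustration that is not from these notes and not F5 ASM code. The learning threshold (`min_hits`), the stabilization window (`stabilize_after`) and the sample log lines are assumptions constructed for the example; the real product's thresholds and entity model differ.

```python
"""Toy automatic policy builder (constructed example, not F5 ASM code).
Learns file-type, URL and parameter entities from observed request logs,
marks the policy stable once a window of requests adds nothing new, and
records anything learned after that as a site change for review."""
from collections import Counter
from dataclasses import dataclass, field
from urllib.parse import urlsplit, parse_qsl


@dataclass
class LearnedPolicy:
    file_types: set = field(default_factory=set)
    urls: dict = field(default_factory=dict)          # path -> set of accepted parameter names
    hits: Counter = field(default_factory=Counter)    # (kind, entity) -> times observed
    stable: bool = False
    site_changes: list = field(default_factory=list)  # entities added after stabilization


def file_type(path):
    name = path.rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def entities_of(url):
    """Split a request URL into the entities the policy tracks: file type, URL, parameters."""
    parts = urlsplit(url)
    path = parts.path or "/"
    ents = [("file_type", file_type(path)), ("url", path)]
    ents += [("param", (path, name)) for name, _ in parse_qsl(parts.query, keep_blank_values=True)]
    return ents


def add_entity(policy, kind, ent):
    """Add one entity to the policy; return True only if it was not already present."""
    if kind == "file_type":
        if ent in policy.file_types:
            return False
        policy.file_types.add(ent)
    elif kind == "url":
        if ent in policy.urls:
            return False
        policy.urls[ent] = set()
    else:
        path, name = ent
        params = policy.urls.setdefault(path, set())
        if name in params:
            return False
        params.add(name)
    return True


def learn(policy, log_lines, min_hits=2, stabilize_after=5):
    """Feed 'METHOD URL' log lines into the policy and return the number of entities added.

    An entity joins the policy once it has been seen min_hits times (assumed learning
    threshold, so a single odd request does not widen the policy). After stabilize_after
    consecutive requests added nothing, the policy is marked stable; entities learned
    later are still added but also listed under site_changes so an operator can review them."""
    quiet = 0
    added_total = 0
    for line in log_lines:
        _, url = line.split(" ", 1)
        added_here = False
        for kind, ent in entities_of(url):
            policy.hits[(kind, ent)] += 1
            if policy.hits[(kind, ent)] >= min_hits and add_entity(policy, kind, ent):
                added_here = True
                added_total += 1
                if policy.stable:
                    policy.site_changes.append((kind, ent))
        quiet = 0 if added_here else quiet + 1
        if quiet >= stabilize_after:
            policy.stable = True
    return added_total


def status(policy):
    """Summary an operator would review (step 5): what was learned and whether it is stable."""
    return {"file_types": sorted(policy.file_types),
            "urls": {u: sorted(p) for u, p in policy.urls.items()},
            "stable": policy.stable,
            "pending_site_changes": len(policy.site_changes)}


# Constructed traffic sample: ordinary visits to a small catalogue site
SAMPLE_TRAFFIC = [
    "GET /", "GET /catalog.php?category=books", "GET /item.php?id=1", "GET /",
    "GET /catalog.php?category=music", "GET /item.php?id=7", "GET /item.php?id=9",
    "GET /catalog.php?category=books", "GET /", "GET /item.php?id=2",
    "GET /catalog.php?category=games",
]
# Constructed traffic after the site gained a checkout page
SITE_CHANGE_TRAFFIC = ["GET /checkout.php?cart=3", "GET /checkout.php?cart=4"]

if __name__ == "__main__":
    p = LearnedPolicy()
    learn(p, SAMPLE_TRAFFIC)
    print(status(p))
    learn(p, SITE_CHANGE_TRAFFIC)
    print(status(p), p.site_changes)
```

With the sample traffic the builder adds seven entities, goes quiet for five requests and marks itself stable; the later `/checkout.php` traffic is still learned (step 4) but shows up in `site_changes`, which is the part of the status worth checking before turning on blocking for the new URL.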

Manual Policy Configuration

Provides ultimate control.

PCI DSS
One of the major drivers for ASM is PCI compliance.
PCI DSS stands for Payment Card Industry Data Security Standard.
