SlideShare a Scribd company logo
1 of 16
Download to read offline
Application Firewall (WAF)
onference 2013
bercrime Landscape in 2013
                             …and
                             easier t
                             carry ou
 e
re
ed...
From Network to Application Layer




                    Application Layer
                                        Where	
  increasing	
  
                                        number	
  of	
  a2acks	
  
                        (Layer 7)
                                        are	
  focused	
  

                                        Target	
  of	
  
                     Network Layer      Tradi,onal	
  
                      (Layers 3/4)      DDoS	
  
                                        A2acks	
  
pplication Firewall Highlights

ates at the network edge – over 100,000 servers
 cts requests and responses for malicious content and info le
 cts packets to protect against attacks such as SQL Injections
s-Site Scripts
 gurable to log or block activities against policy
 cts organizations against application layer attacks propagate
P and HTTPS
 les compliance with PCI DSS 1.2 section 6.6
 des advanced rate controls (behavioral based protections)
agates quickly (~30 minutes)
 gured via portal
ecurity Solutions 2.0

urity Rule Update
le Set 2.2.6
CRS support
Common Rules
n Akamai’s unique view
% of internet traffic
 d Rate Controls
 ID; Client-IP+User-Agent
grade Wizard
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013
Appendix & Details
Intelligent Platform™
g Network Layer Attacks at the Edge
ayer attack mitigation                               Examples of attacks types dropped
otection is “always on”                              at Akamai Edge
80 (HTTP) or Port 443 (HTTPS) traffic                §    UDP Fragments
n Platform                                           §    ICMP Floods
r traffic dropped at the Akamai Edge                 §    SYN Floods
k traffic never makes it onto Platform
                                                     §    ACK Floods
 mer not charged for traffic dropped at Edge
s attack requests without requiring identification   §    RESET Floods
 s CNAME onto Akamai Intelligent Platform            §    UDP Floods


ttacks through massive scale
s average throughput; up to 8Tbps
on of HTTP request traffic across 100,000+
  ,100+ networks
 ting, added latency, or point of failure
Rules
plication Firewall
 tion                           The Result
Custom Rules implemented        §  New rule logic can be built to
mai metadata written by             specific use cases for the cus
 i Professional Services        §  Rules can be built that execut
 are created and managed in         one or more baseline rules or
mer portal                          control rules match
 are then associated with       §  Output of application vulnerab
 l policies and deployed with       products can be implemented
 n 45 minutes                       “virtual patches”
                                §  Advanced piping to user valid
                                    actions can be achieved (prio
Rules
plication Firewall
 tion                           The Result
Custom Rules implemented        §  New rule logic can be built to
mai metadata written by             specific use cases for the cus
 i Professional Services        §  Rules can be built that execut
 are created and managed in         one or more baseline rules or
mer portal                          control rules match
 are then associated with       §  Output of application vulnerab
 l policies and deployed with       products can be implemented
 n 45 minutes                       “virtual patches”
                                §  Advanced piping to user valid
                                    actions can be achieved (prio
e Rate Controls
s Behavior Detection
y number of requests per                       §  Statistics collected for 3 reque
d against a given URL                            o  Client Request – Client to Akama
ols requests based on behavior                   o  Forward Request – Akamai Serv
n – not request structure                        o  Forward Response – Origin to A
client IP address, session ID, cookies, etc.
                                               §  Statistics collected allow us to
ure rate categories to
                                                   large proxies and pick out a m
 request rates against digital
                                                   user hiding behind a proxy
ties
te rate-based DDoS attacks                     §  Statistics collected allow for dete
                                                   of pathological behavior by a clie
                                                 o  Request rate is excessive for an
                                                 o  Requests causing too many Orig
e Rate Controls
s Behavior Detection

y number of requests per                       §  Statistics collected for 3 reque
d against a given URL                            o  Client Request – Client to Akama
ols requests based on behavior                   o  Forward Request – Akamai Serv
n – not request structure                        o  Forward Response – Origin to A
client IP address, session ID, cookies, etc.
                                               §  Statistics collected allow us to
ure rate categories to
                                                   large proxies and pick out a m
 request rates against digital
                                                   user hiding behind a proxy
ties
te rate-based DDoS attacks                     §  Statistics collected allow for dete
                                                   of pathological behavior by a clie
                                                 o  Request rate is excessive for an
                                                 o  Requests causing too many Orig
y Monitor (1 of 3)


                               Timeline of Requests
                                     by Hour



           Visual Display of
             Requests by
              Geography                       Requests by
                                              WAF Rule ID



            Requests                                   Requests
         by WAF Message                               by WAF Tag
y Monitor (2 of 3)




                       Multiple ways
                        to display
                     request statistics
y Monitor (3 of 3)




                             Requests by
                                City



           Requests by           ARLs being
         Client IP address        attacked
Kona Web Application Firewall Overview - Akamai at RSA Conference 2013

More Related Content

What's hot

F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence ServiceF5 Networks
 
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force   lior rotkovitch  f5 sirt v5 cleanWAF ASM / Advance WAF - Brute force   lior rotkovitch  f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanLior Rotkovitch
 
Web Application Security and Awareness
Web Application Security and AwarenessWeb Application Security and Awareness
Web Application Security and AwarenessAbdul Rahman Sherzad
 
Benefits of Web Application Firewall
Benefits of Web Application FirewallBenefits of Web Application Firewall
Benefits of Web Application Firewalldavidjohnrace
 
Bot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityBot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityAkamai Developers & Admins
 
Web application security & Testing
Web application security  & TestingWeb application security  & Testing
Web application security & TestingDeepu S Nath
 
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbharCross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbharSandeep Kumbhar
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug BountiesOWASP Nagpur
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyePrime Infoserv
 
Web Application Security Testing
Web Application Security TestingWeb Application Security Testing
Web Application Security TestingMarco Morana
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Cross Site Scripting: Prevention and Detection(XSS)
Cross Site Scripting: Prevention and Detection(XSS)Cross Site Scripting: Prevention and Detection(XSS)
Cross Site Scripting: Prevention and Detection(XSS)Aman Singh
 

What's hot (20)

Identity Access Management (IAM)
Identity Access Management (IAM)Identity Access Management (IAM)
Identity Access Management (IAM)
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence Service
 
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force   lior rotkovitch  f5 sirt v5 cleanWAF ASM / Advance WAF - Brute force   lior rotkovitch  f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Web Application Security and Awareness
Web Application Security and AwarenessWeb Application Security and Awareness
Web Application Security and Awareness
 
Benefits of Web Application Firewall
Benefits of Web Application FirewallBenefits of Web Application Firewall
Benefits of Web Application Firewall
 
Bot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation CapabilityBot Manager + Cloudlet Strengthen Mitigation Capability
Bot Manager + Cloudlet Strengthen Mitigation Capability
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
Web application security & Testing
Web application security  & TestingWeb application security  & Testing
Web application security & Testing
 
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbharCross site scripting (xss) attacks issues and defense - by sandeep kumbhar
Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101
 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
 
Forti web
Forti webForti web
Forti web
 
SOC and SIEM.pptx
SOC and SIEM.pptxSOC and SIEM.pptx
SOC and SIEM.pptx
 
SSRF For Bug Bounties
SSRF For Bug BountiesSSRF For Bug Bounties
SSRF For Bug Bounties
 
Endpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEyeEndpoint Detection & Response - FireEye
Endpoint Detection & Response - FireEye
 
Web Application Security Testing
Web Application Security TestingWeb Application Security Testing
Web Application Security Testing
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
FortiWeb
FortiWebFortiWeb
FortiWeb
 
Cross Site Scripting: Prevention and Detection(XSS)
Cross Site Scripting: Prevention and Detection(XSS)Cross Site Scripting: Prevention and Detection(XSS)
Cross Site Scripting: Prevention and Detection(XSS)
 

Viewers also liked

Great Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, AkamaiGreat Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, AkamaiAkamai Technologies
 
RSA and RAD 8.5 Top New Value Features
RSA and RAD 8.5 Top New Value FeaturesRSA and RAD 8.5 Top New Value Features
RSA and RAD 8.5 Top New Value FeaturesRoger Snook
 
2013 Good Design is Good Business mobile and RSA
2013 Good Design is Good Business mobile and RSA2013 Good Design is Good Business mobile and RSA
2013 Good Design is Good Business mobile and RSARoger Snook
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks
 
Wapples brochure v1 4 eng
Wapples brochure v1 4 engWapples brochure v1 4 eng
Wapples brochure v1 4 enghasbro505
 
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Source Conference
 
How to Protect Against top Web Security Issues With Citrix NetScaler
How to Protect Against top Web Security Issues With Citrix NetScalerHow to Protect Against top Web Security Issues With Citrix NetScaler
How to Protect Against top Web Security Issues With Citrix NetScalerDavid McGeough
 
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...Denim Group
 
Cryptography - RSA and ECDSA
Cryptography - RSA and ECDSACryptography - RSA and ECDSA
Cryptography - RSA and ECDSAAPNIC
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceImperva Incapsula
 
Tripwire IP360 Vulnerability Management Scanning Best Practices
Tripwire IP360 Vulnerability Management Scanning Best PracticesTripwire IP360 Vulnerability Management Scanning Best Practices
Tripwire IP360 Vulnerability Management Scanning Best PracticesTripwire
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Deivid Toledo
 
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...United Security Providers AG
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmIndra97065
 
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareSurviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareCloudflare
 
Akamai: From Theory to Practice
Akamai: From Theory to PracticeAkamai: From Theory to Practice
Akamai: From Theory to PracticeLiz Bradley
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrailnvirters
 
Akamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationAkamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationRoss Andrew Simons
 

Viewers also liked (20)

Great Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, AkamaiGreat Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, Akamai
 
RSA and RAD 8.5 Top New Value Features
RSA and RAD 8.5 Top New Value FeaturesRSA and RAD 8.5 Top New Value Features
RSA and RAD 8.5 Top New Value Features
 
2013 Good Design is Good Business mobile and RSA
2013 Good Design is Good Business mobile and RSA2013 Good Design is Good Business mobile and RSA
2013 Good Design is Good Business mobile and RSA
 
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
F5 Networks: The Right Way to Protect Against DDoS Attacks (Business White Pa...
 
Wapples brochure v1 4 eng
Wapples brochure v1 4 engWapples brochure v1 4 eng
Wapples brochure v1 4 eng
 
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
Nazira Omuralieva - Susan Kaufman - Improving Application Security - Vulnerab...
 
How to Protect Against top Web Security Issues With Citrix NetScaler
How to Protect Against top Web Security Issues With Citrix NetScalerHow to Protect Against top Web Security Issues With Citrix NetScaler
How to Protect Against top Web Security Issues With Citrix NetScaler
 
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
RSA 2015 Blending the Automated and the Manual: Making Application Vulnerabil...
 
Cryptography - RSA and ECDSA
Cryptography - RSA and ECDSACryptography - RSA and ECDSA
Cryptography - RSA and ECDSA
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
 
Tripwire IP360 Vulnerability Management Scanning Best Practices
Tripwire IP360 Vulnerability Management Scanning Best PracticesTripwire IP360 Vulnerability Management Scanning Best Practices
Tripwire IP360 Vulnerability Management Scanning Best Practices
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)
 
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
USP SES and the Location Layer: Geolocation for adaptive Access Control and P...
 
RSA Algorithm
RSA AlgorithmRSA Algorithm
RSA Algorithm
 
Public Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithmPublic Key Cryptography and RSA algorithm
Public Key Cryptography and RSA algorithm
 
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareSurviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
 
RSA ALGORITHM
RSA ALGORITHMRSA ALGORITHM
RSA ALGORITHM
 
Akamai: From Theory to Practice
Akamai: From Theory to PracticeAkamai: From Theory to Practice
Akamai: From Theory to Practice
 
Banv meetup-contrail
Banv meetup-contrailBanv meetup-contrail
Banv meetup-contrail
 
Akamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationAkamai -- Analysis and Recommendation
Akamai -- Analysis and Recommendation
 

Similar to Kona Web Application Firewall Overview - Akamai at RSA Conference 2013

Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Infrastructure security & Incident Management
Infrastructure security & Incident Management Infrastructure security & Incident Management
Infrastructure security & Incident Management nullowaspmumbai
 
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...Kona Site Defender Product Brief - Multi-layered defense to protect websites ...
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...Akamai Technologies
 
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Big Data Spain
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPROIDEA
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOpenStorageSummit
 
Unified Protection for Multi-Cloud Infrastructure
Unified Protection for Multi-Cloud InfrastructureUnified Protection for Multi-Cloud Infrastructure
Unified Protection for Multi-Cloud InfrastructureMarketingArrowECS_CZ
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotServicePilot
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudAppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudCryptzone
 
Kinamik Cloud Governance
Kinamik Cloud GovernanceKinamik Cloud Governance
Kinamik Cloud GovernanceNbukhari
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallAli Kapucu
 
DDoS Mitigation Techniques for Your Enterprise IT Network
DDoS Mitigation Techniques for Your Enterprise IT NetworkDDoS Mitigation Techniques for Your Enterprise IT Network
DDoS Mitigation Techniques for Your Enterprise IT NetworkHaltdos
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
 

Similar to Kona Web Application Firewall Overview - Akamai at RSA Conference 2013 (20)

Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
ip pier solution
ip pier solutionip pier solution
ip pier solution
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
 
Infrastructure security & Incident Management
Infrastructure security & Incident Management Infrastructure security & Incident Management
Infrastructure security & Incident Management
 
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...Kona Site Defender Product Brief - Multi-layered defense to protect websites ...
Kona Site Defender Product Brief - Multi-layered defense to protect websites ...
 
Getting the most out of the aruba policy enforcement firewall
Getting the most out of the aruba policy enforcement firewallGetting the most out of the aruba policy enforcement firewall
Getting the most out of the aruba policy enforcement firewall
 
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...Finding the needle in the haystack: how Nestle is leveraging big data to defe...
Finding the needle in the haystack: how Nestle is leveraging big data to defe...
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
 
Unified Protection for Multi-Cloud Infrastructure
Unified Protection for Multi-Cloud InfrastructureUnified Protection for Multi-Cloud Infrastructure
Unified Protection for Multi-Cloud Infrastructure
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilot
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
AppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the CloudAppGate: Achieving Compliance in the Cloud
AppGate: Achieving Compliance in the Cloud
 
Pci multitenancy exalogic at AMIS25
Pci multitenancy exalogic at AMIS25Pci multitenancy exalogic at AMIS25
Pci multitenancy exalogic at AMIS25
 
Kinamik Cloud Governance
Kinamik Cloud GovernanceKinamik Cloud Governance
Kinamik Cloud Governance
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)
 
Why Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation FirewallWhy Its time to Upgrade a Next-Generation Firewall
Why Its time to Upgrade a Next-Generation Firewall
 
DDoS Mitigation Techniques for Your Enterprise IT Network
DDoS Mitigation Techniques for Your Enterprise IT NetworkDDoS Mitigation Techniques for Your Enterprise IT Network
DDoS Mitigation Techniques for Your Enterprise IT Network
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App Security
 

More from Akamai Technologies

Replacing recovery with resilience
Replacing recovery with resilienceReplacing recovery with resilience
Replacing recovery with resilienceAkamai Technologies
 
Competitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationCompetitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationAkamai Technologies
 
3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against Malware3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against MalwareAkamai Technologies
 
3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access Model3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access ModelAkamai Technologies
 
새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유Akamai Technologies
 
更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由Akamai Technologies
 
应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因Akamai Technologies
 
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと きAkamai Technologies
 
3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remotoAkamai Technologies
 
3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remotoAkamai Technologies
 
3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distanceAkamai Technologies
 
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...Akamai Technologies
 
3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des RemotezugriffsAkamai Technologies
 
Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Akamai Technologies
 
Chicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesChicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesAkamai Technologies
 
Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Akamai Technologies
 
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAEdge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAAkamai Technologies
 
Edge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayEdge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayAkamai Technologies
 
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyEdge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyAkamai Technologies
 

More from Akamai Technologies (20)

Replacing recovery with resilience
Replacing recovery with resilienceReplacing recovery with resilience
Replacing recovery with resilience
 
Competitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven DifferentiationCompetitive EDGE - Data Driven Differentiation
Competitive EDGE - Data Driven Differentiation
 
3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against Malware3 Reasons You Need Proactive Protection Against Malware
3 Reasons You Need Proactive Protection Against Malware
 
3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access Model3 Reasons It's Time for a New Remote Access Model
3 Reasons It's Time for a New Remote Access Model
 
새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유새로운 원격 접속 모델이 필요한 3가지 이유
새로운 원격 접속 모델이 필요한 3가지 이유
 
更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由更新遠端存取模式的 3 大理由
更新遠端存取模式的 3 大理由
 
应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因应该采用全新远程访问模式的 3 大原因
应该采用全新远程访问模式的 3 大原因
 
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
3 つの理由 今こそ新しいリモート・アク セス・モデルを採用すべきと き
 
3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto3 razões chegou a hora de um novo modelo de acesso remoto
3 razões chegou a hora de um novo modelo de acesso remoto
 
3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto3 motivi per cui è necessario un nuovo modello di accesso remoto
3 motivi per cui è necessario un nuovo modello di accesso remoto
 
3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance3 raisons de changer votre modèle d'accès à distance
3 raisons de changer votre modèle d'accès à distance
 
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
3 motivos por los que ahora es el momento perfecto para adoptar un nuevo mode...
 
3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs3 Gründe für eine neue Art des Remotezugriffs
3 Gründe für eine neue Art des Remotezugriffs
 
Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2Chicago Tech Day Jan 2015: Foundry - HTTP2
Chicago Tech Day Jan 2015: Foundry - HTTP2
 
Chicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWDChicago Tech Day Jan 2015: RWD
Chicago Tech Day Jan 2015: RWD
 
Chicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden FeaturesChicago Tech Day Jan 2015: Hidden Features
Chicago Tech Day Jan 2015: Hidden Features
 
Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015Customer Technology Day Chicago 2015
Customer Technology Day Chicago 2015
 
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEAEdge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
Edge 2014: Maintaining the Balance: Getting the Most of Your CDN with IKEA
 
Edge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBayEdge 2014: Increasing Control with Property Manager with eBay
Edge 2014: Increasing Control with Property Manager with eBay
 
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case StudyEdge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
Edge 2014: Bypass Surgery - Akamai's Heartbleed Response Case Study
 

Recently uploaded

UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 

Recently uploaded (20)

UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 

Kona Web Application Firewall Overview - Akamai at RSA Conference 2013

  • 2. bercrime Landscape in 2013 …and easier t carry ou e re ed...
  • 3. From Network to Application Layer Application Layer Where  increasing   number  of  a2acks   (Layer 7) are  focused   Target  of   Network Layer Tradi,onal   (Layers 3/4) DDoS   A2acks  
  • 4. pplication Firewall Highlights ates at the network edge – over 100,000 servers cts requests and responses for malicious content and info le cts packets to protect against attacks such as SQL Injections s-Site Scripts gurable to log or block activities against policy cts organizations against application layer attacks propagate P and HTTPS les compliance with PCI DSS 1.2 section 6.6 des advanced rate controls (behavioral based protections) agates quickly (~30 minutes) gured via portal
  • 5. ecurity Solutions 2.0 urity Rule Update le Set 2.2.6 CRS support Common Rules n Akamai’s unique view % of internet traffic d Rate Controls ID; Client-IP+User-Agent grade Wizard
  • 8. Intelligent Platform™ g Network Layer Attacks at the Edge ayer attack mitigation Examples of attacks types dropped otection is “always on” at Akamai Edge 80 (HTTP) or Port 443 (HTTPS) traffic §  UDP Fragments n Platform §  ICMP Floods r traffic dropped at the Akamai Edge §  SYN Floods k traffic never makes it onto Platform §  ACK Floods mer not charged for traffic dropped at Edge s attack requests without requiring identification §  RESET Floods s CNAME onto Akamai Intelligent Platform §  UDP Floods ttacks through massive scale s average throughput; up to 8Tbps on of HTTP request traffic across 100,000+ ,100+ networks ting, added latency, or point of failure
  • 9. Rules plication Firewall tion The Result Custom Rules implemented §  New rule logic can be built to mai metadata written by specific use cases for the cus i Professional Services §  Rules can be built that execut are created and managed in one or more baseline rules or mer portal control rules match are then associated with §  Output of application vulnerab l policies and deployed with products can be implemented n 45 minutes “virtual patches” §  Advanced piping to user valid actions can be achieved (prio
  • 10. Rules plication Firewall tion The Result Custom Rules implemented §  New rule logic can be built to mai metadata written by specific use cases for the cus i Professional Services §  Rules can be built that execut are created and managed in one or more baseline rules or mer portal control rules match are then associated with §  Output of application vulnerab l policies and deployed with products can be implemented n 45 minutes “virtual patches” §  Advanced piping to user valid actions can be achieved (prio
  • 11. e Rate Controls s Behavior Detection y number of requests per §  Statistics collected for 3 reque d against a given URL o  Client Request – Client to Akama ols requests based on behavior o  Forward Request – Akamai Serv n – not request structure o  Forward Response – Origin to A client IP address, session ID, cookies, etc. §  Statistics collected allow us to ure rate categories to large proxies and pick out a m request rates against digital user hiding behind a proxy ties te rate-based DDoS attacks §  Statistics collected allow for dete of pathological behavior by a clie o  Request rate is excessive for an o  Requests causing too many Orig
  • 12. e Rate Controls s Behavior Detection y number of requests per §  Statistics collected for 3 reque d against a given URL o  Client Request – Client to Akama ols requests based on behavior o  Forward Request – Akamai Serv n – not request structure o  Forward Response – Origin to A client IP address, session ID, cookies, etc. §  Statistics collected allow us to ure rate categories to large proxies and pick out a m request rates against digital user hiding behind a proxy ties te rate-based DDoS attacks §  Statistics collected allow for dete of pathological behavior by a clie o  Request rate is excessive for an o  Requests causing too many Orig
  • 13. y Monitor (1 of 3) Timeline of Requests by Hour Visual Display of Requests by Geography Requests by WAF Rule ID Requests Requests by WAF Message by WAF Tag
  • 14. y Monitor (2 of 3) Multiple ways to display request statistics
  • 15. y Monitor (3 of 3) Requests by City Requests by ARLs being Client IP address attacked

Editor's Notes

  1. NOTE: You can click on the black bars and adjust the length to fit your text. If your main title goes beyond one line, please remember to move the subtitle bar down a bit in order to keep some space between it and the main title bar. If you do not need a subtitle, you can delete that bar entirely.
  2. Attacks are becoming more sophisticated with multi-vector attacks often hiding the real motivations of attackers. On top of this it has become even easier to carry out different attacks – a quick Google search and anyone with basic tech skills can download these tools and join the fight…
  3. LOIC basically turns your computer's network connection into a firehose of garbage requests, directed towards a target web server. On its own, one computer rarely generates enough TCP, UDP, or HTTP requests at once to overwhelm a web server—garbage requests can easily ignored while legit requests for web pages are responded to as normal. But when thousands of users run LOIC at once, the wave of requests become overwhelming, often shutting a web server (or one of its connected machines, like a database server) down completely, or preventing legitimate requests from being answered. What is HOIC? - High-speed multi-threaded HTTP Flood - Simultaneously flood up to 256 websites at once - Built in scripting system to allow the deployment of 'boosters', scripts designed to thwart DDoS counter measures and increase DoS output. - Easy to use interface - Can be ported over to Linux/Mac with a few bug fixes (I do not have either systems so I do  - Ability to select the number of threads in an ongoing attack - Ability to throttle attacks individually with three settings: LOW, MEDIUM, and HIGH and its written in a language where you can do a bunch of really nifty things just read the RealBasic manual, ;] also no Dependencies (single executable)
  4. Implemented in 10’000s of Akamai Edge Servers
  5. We still defend against “old school” DdoS as well as we ever did….distributed networks, offload DNS, caching content. But there are new attacks that we must evolve our defenses to defend. \\These are the things you’ll be able to defend against – stealthier attacks, more advanced attacks: How do we do this, new rules: Slow post, Slow loris, LOIC are now, HOIC Replace RTR with DLR in Security Monitor (is this Channel Partner Foundations – Today there are no tools for partners to implement Kona 2.0. Partner Focused Enhancements. They made some foundational tools.. WAF ModSecurity Core Rule Set 2.2.6 Includes anomaly scoring and migration wizard Anomaly scoring – related to the HTTP request. Adding the ability to score HTTP requests, provides a means to better assess the risk. Configurable policy to deny. WAF common rules sets: we see lots of attacks, create new rules for all of them. With 2.0 (free to 1.0 customers) the rule set is available. Getting the rules probabaly requires PS engagement. Advanced Rate Controls: protect against more sophisticated attacks, helps address malicious behavior --- behavioral controls. For example: (John has details)
  6. Close on the brand message – you can use the following sample text to speak to this closing brand slide. (Akamai is making your media more mobile, enabling “Any experience, any device, anywhere.” Our goal is to ultimately help you accelerate your business. [Corey]) (Today's best online experiences have been Akamaized . We’re here to help you reach mobile workforces, and 24/7 consumers with any experience on any device, anywhere. And to ultimately help you accelerate your business. [Ravi]) (Akamai’s Application & Cloud Performance Solutions enable you to control your applications, control your costs, and control your cloud, offering you the agility that you need to accelerate your business. [Willie]) (Akamai offers you solutions to revolutionize your media strategy and engage users with any experience, on any device, anywhere, to grow your audience and grow your business. [Bill]) (Mobilize, optimize, and monetize your business, providing a high performance experience to your 24/7 consumers so that you can accelerate your online retail strategies. [Pedro]) (Block threats, not performance, in this ever-evolving hyperconnected world. Securely reach your users on any device, anywhere so you can accelerate your business. [John]) (Akamai helps you connect to users on any device, anywhere, removing the complexities of privacy, security, and rights management, while also allowing businesses to spend advertising dollars more effectively. [Khan])
  7. Platform provides an additional layer of defense and moves the perimeter of defense out to the Edge of the Internet and then goes into the network layer value of that architecture The Akamai platform automatically (** if you’re buying acceleration…** protects against: SYN flood and other TCP attacks UDP attacks HTTP slow client (“drip feed”) attacks HTTP Request Smuggling attacks HTTP Response Splitting attacks The platform only accepts valid HTTP requests on port 80 and 443!
  8. Implemented in 10’000s of Akamai Edge Servers Requests causing too many Origin errors (404, 5XX)
  9. Implemented in 10’000s of Akamai Edge Servers Requests causing too many Origin errors (404, 5XX)
  10. Close on the brand message – you can use the following sample text to speak to this closing brand slide. (Akamai is making your media more mobile, enabling “Any experience, any device, anywhere.” Our goal is to ultimately help you accelerate your business. [Corey]) (Today's best online experiences have been Akamaized . We’re here to help you reach mobile workforces, and 24/7 consumers with any experience on any device, anywhere. And to ultimately help you accelerate your business. [Ravi]) (Akamai’s Application & Cloud Performance Solutions enable you to control your applications, control your costs, and control your cloud, offering you the agility that you need to accelerate your business. [Willie]) (Akamai offers you solutions to revolutionize your media strategy and engage users with any experience, on any device, anywhere, to grow your audience and grow your business. [Bill]) (Mobilize, optimize, and monetize your business, providing a high performance experience to your 24/7 consumers so that you can accelerate your online retail strategies. [Pedro]) (Block threats, not performance, in this ever-evolving hyperconnected world. Securely reach your users on any device, anywhere so you can accelerate your business. [John]) (Akamai helps you connect to users on any device, anywhere, removing the complexities of privacy, security, and rights management, while also allowing businesses to spend advertising dollars more effectively. [Khan])