Application Protection | CYLK, Westcon and F5 Webinar
1. Protect Your Applications and Stay Secure
Vinicius Miranda, Sales Engineer
WestconGroup, vinicius.miranda@westcon.com
2. © F5 Networks, Inc 2
Agenda
• The Importance of Protecting Your Applications;
• What Is the Difference Between a Traditional Firewall and an Application Firewall?
• Main Attacks Targeting Applications;
• How Does F5 Networks Help Protect Your Applications?
• Questions;
4. Is Application Protection the Same as Business Protection?
Business App Security Access
Data Leakage
Credential Theft
Fraud
US$ 81 million
8,695 cases in Brazil between 2014/2015 – PwC 16
5. How can this reality be confirmed?
Source: Akamai Report
7. Let's understand…
“Next generation” Firewall
Corporate (users)
Characteristics
• Outbound USER inspection
• Who is doing what?
• “Trusted” users to Internet
Web Application Firewall
Data center (servers)
Characteristics
• Inbound APPLICATION protection
• Application delivery focus
• “Untrusted” users to data center
8. OK… but what is the difference between them?
Multiprotocol Security
IP Reputation
Web Attack Signatures
Web Vulnerabilities Signatures
Automatic Policy Learning
URL, Parameter, Cookie and Form Protection
Leverage Vulnerability Scan Results
10. Credential Theft, Data Leakage, Slow Applications…
SQL Injection
Cross-Site Scripting (XSS)
Parameter Tampering
11. Vulnerabilities in Web Applications…
7%
2014
40%
2016
How to stay protected in this scenario?
13. The New Perimeter Is An App Perimeter
Apps Are The Gateway to Data!
[Diagram: F5, SSL, APP]
Feature | TRADITIONAL NETWORK PERIMETER | PER-APP / PER-USER PERIMETER
SSL-visible | ✖ | ✔
Location-independent | ✖ | ✔
Session-based | ✖ | ✔
Continuous trust verification | ✖ | ✔
Strategic control points | ✖ | ✔
App availability | ✖ | ✔
14. Let’s talk about Web Application Firewall - WAF
• A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system.
• It prevents targeted attacks that include cross-site scripting, SQL injection, forceful browsing, cookie poisoning and invalid input.
• The F5 BIG-IP® Application Security Manager is a Web application firewall that uses both positive and negative security models to identify, isolate and block sophisticated attacks without impacting legitimate application transactions.
ASM
15. The Value Of F5 Hybrid WAF Protection
Secure response delivered
Request made
BIG-IP ASM security policy checked
Server response generated
Vulnerable application
• Drop, block or forward request
• Application attack filtering & inspection
• SSL, TCP, HTTP DoS mitigation
Response inspection for errors and leakage of sensitive information
BIG-IP ASM security policy enforced
• #1 Most Effective WAF (NSS Labs)
• 2780 signatures for best protection
• Enable transparent protection from ever-changing threats
• Reduce risks from vulnerabilities with dynamic VA/DAST integrations
• Engage unique BOT detection (rapid surfing, intervals, event sequence)
• #1 Most Deployed WAF (451 Research)
• 10 of OWASP attacks mitigated with on-box reporting
• Deploy full-proxy or transparent full-proxy (bridge mode)
16. Mitigate Attacks Across Flexible Environments
Internet
VIPRION Platform
Devices
Data Center
Load Balancing + DDoS Protection + Application Security
BIG-IP ASM
• Protect critical apps in the datacenter
• Install on any BIG-IP platform
• Deploy as an add-on to BIG-IPs in use or run it as a standalone.
Protection in the datacenter
NO APP LEFT UNPROTECTED!
BIG-IP Virtual Edition
Securing apps in the cloud
BIG-IP ASM VE
• Activate security services close to apps that have moved to the cloud
• Accelerate development and test
Cloud-based app protection
Silverline Web App Firewall
• Fast activation of ASM protections
• Managed service for SaaS and tier 2 applications
• 24x7x365 SOC Support
17. PROTECT YOUR APPLICATIONS AND STAY SECURE!!!!!
ASM SILVERLINE WAF
18. Next Steps
• Visit us online at www.F5.com/security for more information on F5 security solutions.
• Contact your F5 solution expert to discuss effective security solutions that meet the specific needs of your organization and those you do business with.
Edifício Berrini Plaza
Rua Samuel Morse, 134 - 10º andar
Brooklin - São Paulo SP
Tel: +55 11 5054.4480
CEP: 04576-060
E-mail: info@cylk.com.br