LBL Application Availability Infrastructure Unified Secure Reverse Proxy
|
|
- Valentine Johnson
- 8 years ago
- Views:
Transcription
1 LBL Application Availability Infrastructure Unified Secure Reverse Proxy Valerio Mezzalira
2 TCOGROUP Company Outline Mission: Development of Software Tools Aimed at Enhancing High Availability (HA) of IT in Mission Critical and Business Critical Environments Main Focus: HA, Business Continuity, and Disaster-Recovery Target Markets: Finance, TELCO, e-commerce, Healthcare, Transportation, Energy Oil & Gas, Manufacturing, Education, Public Administrations, Service Providers
3 The Reference Scenario IT services evolution: Security, Performance, Control by design SSO Analysis & Reporting Billing Security Speed & Performance Full Availability Solution Features IaaS OpenStack SDN
4 The Reference Scenario IT services evolution: from individual application... Service Layers Network Security Application Database SAN
5 The Reference Scenario... to service... Service Layers Network Security Reverse-proxy B Application B Reverse-proxy A Application A Reverse-proxy C Application C Reverse-proxy DBMS A Reverse-proxy DBMS B Database Reverse-proxy DBMS DBMS A C Database DBMS B Database DIRSRV Reverse-proxy DIRSRV SAN Virtualization SAN Database Text Database img Database logs
6 LBL LoadBalancer Unified Reverse Proxy Service Layers Network Application A Security Application C Application B Remote Desktop Network File System Database DIRSRV Unified Reverse Proxy Database Text Exchange Database img SAN Virtualization SAN
7 LBL LoadBalancer Unified Reverse Proxy Service Layers Network Application A Security Application C Application B Remote Desktop Network File System Database DIRSRV Unified Reverse Proxy Database Text Exchange Database img SAN Virtualization SAN
8 LBL LoadBalancer Unified Reverse Proxy Service Layers Network Application B Application A Security Application C Dynamic Path Remote Desktop Network File System Database DIRSRV Unified Reverse Proxy Database Text Exchange Database img SAN Virtualization SAN
9 LBL LoadBalancer Unified Reverse Proxy Business Continuity Sites Primary building Secondary building Disaster Recovery Site
10 LBL LoadBalancer Unified Reverse Proxy Business Continuity Sites Primary building Secondary building Disaster Recovery Site
11 LBL LoadBalancer Unified Reverse Proxy ON CLOUD Border Router Protocol (Amazon Regions Compliant) DoS/DDoS resolver DoS/DDoS Resolver
12 Header rewriting GET / HTTP/1.1 Host: User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; it; rv: ) Gecko/ Firefox/3.6.2 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3 Accept-Encoding: gzip,deflate Accept-Charset: ISO ,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Cookie: LBLSESSIONID= ; TCOPROJECTAUTH= ; TCOPROJECTSESSIONID= L7 HTTP/S / L4 TCP/UDP Contents rewriting Content inspection and rewriting of data streams through regular expressions or/and by easy java programming (call-back). LBL Content Rewriter allows you to perform complex operations by SSO integration and actively intervene in relation to the content or quantity of data traffic load. /* Linee di inclusione titolo e bottom della pagina */ td.encloserline { height: 2px; background-color: rgb(51, 51, 255); } /* Tabella di contenuti */ table.contenttable { text-align: left; width: 100%; } /* titolo del paragrafo */ td.paragraphtitle { text-align: left; color: black; font-weight: bold; font-style: italic; background-color: rgb(255, 143, 89); } Body rewriting /* corpo del paragrafo */ td.paragraphbody { text-align: left; }
13 TLS & Certificates management A<----SSL---->LBL<----NOSSL---->B A<----SSLa-m---->LBL<----SSLm-b---->B (1) (3) host: localhost user-agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; it; rv: ) Gecko/ Firefox/3.6.3 (.NET CLR ) accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 accept-language: it-it,it;q=0.8,en-us;q=0.5,en;q=0.3 accept-encoding: gzip,deflate accept-charset: ISO ,utf-8;q=0.7,*;q=0.7 keep-alive: 115 connection: keep-alive referer: cookie: LBLSESSIONID= content-type: application/x-www-form-urlencoded content-length: 33 x-fwdcertserialnumber_0: x-fwdcertdatenotbefore_0: :19:17.0 UTC x-fwdcertdatenotafter_0: :19:17.0 UTC x-fwdcertsubject_0: CN=clientname, OU=clientlob, O=clientcompany, L=clientcountry, ST=clientdistrict, C=IT x-fwdcertissuer_0: CN=clientname, OU=clientlob, O=clientcompany, L=clientcountry, ST=clientdistrict, C=IT x-fwdcertencodedpem_0: -----BEGIN+CERTIFICATE---- 0AMIICdTCCAd6gAwIBAgIETHEVxTANBgkqhkiG9w0BAQUFADB2FMQswCQYDVQQGEwJJVDEXMBUGA1UECBMOY2xpZW50ZGlzdHJp0AY3QxFjAU BgNVBAcTDWNsaWVudGNvdW50cnkxFjAUBgNVBAoTDWNsaWVudGNvbXBhbnkxEjAQBgNVBAsTCWNsaWVudGxvYjET0AMBEGA1UEAxMKY2xpZW 50bmFtZTAeFw0xMDA4MjIxMjE5MTdaFw0xMTA4MjIxMjE5MTdaMH8xCzAJBgNVBAYTAklUMRcwFQYD0AVQQIEw5jbGllbnRkaXN0cmljdDEWMBQG A1UEBxMNY2xpZW50Y291bnRyeTEWMBQGA1UEChMNY2xpZW50Y29tcGFueTESMBAG0AA1UECxMJY2xpZW50bG9iMRMwEQYDVQQDEwpjbGllbnR uyw1lmigfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqcgmdlc3mhc0arflqnppgubfg2yyvnbuejsarzn6l0cjcqxlqpfmrh0npridg2blsp98tisi2bk Mlcxbvl3Y6Dk6QTUCw1AxN7vUUapZ4tJBwzM0AUACAYp6HCr1tFTvgU8XQui74hqkcZjSPOSvoX2BuIjmSl832O6Iu0hoG0GPE2FqF3THQIDAQABMA0GCS qgsib3dqebbquaa4gb0aadumybb76yzrcgvvdjttqnltfcxrwunkj2qkbdde9esp2f9h8zqucowcig5pj0zryyapfqsowwdz18rut1scqeux2%2f7l2f 2FFyk0AEeSVL8mr9eB4mMxgACNFn6GzUTkUD2PBO5HNBc9TcKvEzTtTP35x13pNTaWvhNBL2Li09y5xUfIi%0D%0A----END+CERTIFICATE----- %0D%0A x-forwarded-for: TLS Termination & Spontaneous offloading Client Certificate forwarding (Integrating J2EE application with no change) TLS Re-encryption
14 TLS-SNI (Server Name Indication) public network TLS handshake using SNI Client Hello requesting secursite2.com Server Hello secursite2.com certificate Listen on port 80 DNS: No number certificates limits per address/port More certificates container with different passwords
15 SUCCESS STORIES Microsoft TMG replacement from 2011
16 LBL Application Availability Infrastructure ALL ASL / Health for Regione Sardegna (over 7 years of uninterrupted service) +CRESSAN
17 LBL LoadBalancer Unified Reverse Proxy Service Layers Network Application A Security Application C Application B Database DBMS A Network File System Database DIRSRV Unified Reverse Proxy Database Text Exchange Database img SAN Virtualization SAN
18 LBL LoadBalancer Unified Secure Reverse Proxy Service Layers Network Application A Application C Application B Remote Desktop Network File System Database DIRSRV Unified Reverse Proxy Security Database Text Exchange Database img SAN Virtualization SAN
19 LBL LoadBalancer Unified Secure Reverse Proxy Service Layers Network Application A Application B Remote Desktop Network File System Database DIRSRV Unified Secure Reverse Proxy Application C Database Text Database img Exchange SAN Virtualization SAN
20 LBL LoadBalancer Unified Secure Reverse Proxy Run-Time security Consumers Dispatcher Producers
21 LBL LoadBalancer Unified Secure Reverse Proxy Run-Time security Consumers Dispatcher Producers 1. Session Cookie 2. Set-Cookie app server generation 3. HSTS: Redirect from http to https 4. HSTS: Strict-Transport-Security injection on response 5. Check body lenght in POST no dependent by content-type / transfer enconding 6. DoS (Unique feature in today market) 7. DDoS (Unique feature in today market) 8. DDoS iredcarpet (Application Quality of Service) (Unique feature in today market) 9. Client SSL Protocols interceptor and tracing 10. SSL ciphers suite And Protocols Global / Listeners / Backend abilitations 11. SSO e client certificate management 12. XSS mitigation 13. END POINT MASKERATION
22 LBL LoadBalancer Unified Secure Reverse Proxy Run-Time security Consumers Dispatcher Producers Least priority DoS DDoS Attack Mitigation Least priority Very Important Person Least priority Very Important Person Least priority Very Important Person Very Important Person
23 LBL LoadBalancer Unified Secure Reverse Proxy Run-Time Tracing Consumers Dispatcher Producers LBL Traffic Monetizer Transactional data aggregation engine, tens millions of hits hour
24 LBL Unified Reverse Proxy Real-Time traffic analisys Consumers Dispatcher Producers Attack Prophecy
25 LBL Unified Reverse Proxy Real-Time reaction to Run-Time filtering Consumers Dispatcher Producers Attack Prophecy SOC
26 Cyber security cycle LBL Security cycle (compliance DPCM 24 gennaio 2013) External assessment Continuous assessment Add rules WAF DoS DDoS resolver WAF Event notification for authority Real-time Interceptions Real-time analisys Real-time Reaction Data aggregation Data collection
27 LBL Traffic Monetizer The best solution is the next generation systems Attack Prophecy SOC NOC APPLICATIONS BUSINESS
28 LBL A.A.I. TARGET
29 LBL A.A.I. products map LBL Application Availability Infrastructure WAF Developer WAF ADVANCED SECURITY LoadBalancer TRAFFIC DATA SECURITY LBL A.A.I. BC/DR Commander DNS & PROXY Manager Platform Standard HA Decision Engine WorkFlow Enterprise HA Selected Capacity S1 Selected Capacity S1 HA MANAGEMENT Management Console Selected Capacity S2 Selected Capacity S3 Selected Capacity S2 HA Selected Capacity S3 HA TRACING/SECURITY PERFORMANCE Traffic Monetizer Catalog Catalog Selected Capacity DoS/DDoS attack mitigation Attack Prophecy Customer Experience DB Embedded appliance
30 LBL A.A.I. DoS Attack Prevention LBL DoS DDoS Attack Prevention VIP iredcarpet Least priority Least priority Very Important Person Least priority Very Important Person Least priority Very Important Person Very Important Person
31 Thank you for your attention TCOGROUP S.r.l. TCO Software Group Inc.
32 LBL WAF DEVELOPER (Unique feature in today market) With consumer WAF developer there are multiple implementations in the dark. Everything that is implemented can be deeply tested before entry into production. The times of implementations are reduced from 1000 to 1. LBL WAF Developer allows you to follow the evolution of enterprise security, SSO, quickly adapting policies with drastic costs reduction and GUARANTEE OF A RESULT.
Anatomy of a Pass-Back-Attack: Intercepting Authentication Credentials Stored in Multifunction Printers
Anatomy of a Pass-Back-Attack: Intercepting Authentication Credentials Stored in Multifunction Printers By Deral (PercX) Heiland and Michael (omi) Belton Over the past year, one focus of the Foofus.NET
More informationDEPLOYMENT GUIDE Version 1.1. Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5
DEPLOYMENT GUIDE Version 1.1 Deploying the BIG-IP LTM v10 with Citrix Presentation Server 4.5 Table of Contents Table of Contents Deploying the BIG-IP system v10 with Citrix Presentation Server Prerequisites
More informationHTTP Response Splitting
The Attack HTTP Response Splitting is a protocol manipulation attack, similar to Parameter Tampering The attack is valid only for applications that use HTTP to exchange data Works just as well with HTTPS
More informationCyber Security Workshop Ethical Web Hacking
Cyber Security Workshop Ethical Web Hacking May 2015 Setting up WebGoat and Burp Suite Hacking Challenges in WebGoat Concepts in Web Technologies and Ethical Hacking 1 P a g e Downloading WebGoat and Burp
More informationTHE PROXY SERVER 1 1 PURPOSE 3 2 USAGE EXAMPLES 4 3 STARTING THE PROXY SERVER 5 4 READING THE LOG 6
The Proxy Server THE PROXY SERVER 1 1 PURPOSE 3 2 USAGE EXAMPLES 4 3 STARTING THE PROXY SERVER 5 4 READING THE LOG 6 2 1 Purpose The proxy server acts as an intermediate server that relays requests between
More informationICSA Labs Web Application Firewall Certification Testing Report Web Application Firewall - Version 2.1 (Corrected) Radware Inc. AppWall V5.6.4.
ICSA Labs Web Application Firewall Certification Testing Report Radware Inc. V5.6.4.1 May 30, 2013 Prepared by ICSA Labs 1000 Bent Creek Blvd., Suite 200 Mechanicsburg, PA 17050 www.icsalabs.com WAFX RADWAREINC-2013-0530-01
More informationPlaying with Web Application Firewalls
Playing with Web Application Firewalls Who is Wendel? Independent penetration test analyst. Affiliated to Hackaholic team. Over 7 years in the security industry. Discovered vulnerabilities in Webmails,
More informationAll You Can Eat Realtime
HTML5 WebSocket: All You Can Eat Realtime By Peter Lubbers, Kaazing May 14, 2010 1 About Peter Lubbers Director of Documentation and Training, Kaazing Co-Founder San Francisco HTML5 User Group http://www.sfhtml5.org/
More informationUsing SAML for Single Sign-On in the SOA Software Platform
Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software
More informationLoad balancing Microsoft IAG
Load balancing Microsoft IAG Using ZXTM with Microsoft IAG (Intelligent Application Gateway) Server Zeus Technology Limited Zeus Technology UK: +44 (0)1223 525000 The Jeffreys Building 1955 Landings Drive
More informationHypertext for Hyper Techs
Hypertext for Hyper Techs An Introduction to HTTP for SecPros Bio Josh Little, GSEC ~14 years in IT. Support, Server/Storage Admin, Webmaster, Web App Dev, Networking, VoIP, Projects, Security. Currently
More informationSecurity-Assessment.com White Paper Leveraging XSRF with Apache Web Server Compatibility with older browser feature and Java Applet
Security-Assessment.com White Paper Leveraging XSRF with Apache Web Server Compatibility with older browser feature and Java Applet Prepared by: Roberto Suggi Liverani Senior Security Consultant Security-Assessment.com
More informationArnaud Becart ip- label 11/9/11
Arnaud Becart ip- label 11/9/11 RUM Synthe2c Tests You should measure HTML and RIA (Flash ) Page Rendering Onload + Full Page Load InteracBons in your page Third Party content How Synthe2c / Real browsers
More informationSemantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual. Document Version 1.0
Semantic based Web Application Firewall (SWAF V 1.6) Operations and User Manual Document Version 1.0 Table of Contents 1 SWAF... 4 1.1 SWAF Features... 4 2 Operations and User Manual... 7 2.1 SWAF Administrator
More informationBasic & Advanced Administration for Citrix NetScaler 9.2
Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios
More information2013 MONITORAPP Co., Ltd.
01 Cloud Computing Overview Intelligent Web Application Firewall For Cloud Infrastructure Introduction 2013 MONITORAPP Co., Ltd. 01 Cloud Computing Overview Cloud-based Web Firewall Overview The new form
More informationIntroduction to the EIS Guide
Introduction to the EIS Guide The AirWatch Enterprise Integration Service (EIS) provides organizations the ability to securely integrate with back-end enterprise systems from either the AirWatch SaaS environment
More informationProject X Mass interception of encrypted connections
Project X Mass interception of encrypted connections What? SSL/TLS interception TOR interception ...a thorny path Common Issues Public Key Pinning avoids rogue CA to sign certs Common Issues Google and
More informationResearch of Web Real-Time Communication Based on Web Socket
Int. J. Communications, Network and System Sciences, 2012, 5, 797-801 http://dx.doi.org/10.4236/ijcns.2012.512083 Published Online December 2012 (http://www.scirp.org/journal/ijcns) Research of Web Real-Time
More informationATS Test Documentation
ATS Test Documentation Release 0.1 Feifei Cai March 31, 2015 Contents 1 HTTP 3 1.1 Keep-alive................................................ 3 1.2 Connection Timeouts...........................................
More informationBarracuda Networks Web Application Firewall
McAfee Enterprise Security Manager Data Source Configuration Guide Data Source: Barracuda Networks Web Application Firewall January 30, 2015 Barracuda Networks Web Application Firewall Page 1 of 10 Important
More informationException inattendue. Workflow v1.6.1 - connexion en tant qu'administrateur
Workflow v1.6.1 - connexion en tant qu'administrateur Lorsque je tente d'exporter des fiches (export simple, complet ou complet avec historique) en tant que "Ressource pédagogique [Simple]", j'ai l'erreur
More informationLab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace
Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web:
More informationNick McClure University of Kentucky
Nick McClure University of Kentucky Nick McClure Lead Systems Programmer University of Kentucky nickjm@uky.edu Redundancy Multiple components able to perform the same tasks Clustering (Database/Storage)
More informationMigrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version 27.0.0.0
Migrating the SSL Offloading Configuration of the Alteon Application Switch 2424-SSL to AlteonOS version 27.0.0.0 Table of Contents 1 Introduction... 1 2 Certificates Repository... 2 3 Common SSL Offloading
More informationPlaying with Web Application Firewalls
Playing with Web Application Firewalls DEFCON 16, August 8-10, 2008, Las Vegas, NV, USA Who is Wendel Guglielmetti Henrique? Penetration Test analyst at SecurityLabs - Intruders Tiger Team Security division
More informationPolyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis
Polyglot: Automatic Extraction of Protocol Message Format using Dynamic Binary Analysis Juan Caballero, Heng Yin, Zhenkai Liang Carnegie Mellon University Dawn Song Carnegie Mellon University & UC Berkeley
More informationApplication Note. Active Directory Federation Services deployment guide
Application Note Active Directory Federation Services deployment guide Document version: v1.1 Last update: 20th January 2014 Purpose ALOHA Load-Balancer deployment guide for Microsoft ADFS and ADFS proxy
More informationConfiguration Guide. BlackBerry Enterprise Service 12. Version 12.0
Configuration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2014-12-19 SWD-20141219132902639 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12...
More informationHow To Protect A Web Application From Attack From A Trusted Environment
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
More informationWeb Security Threat Report: January April 2007. Ryan C. Barnett WASC Member Project Lead: Distributed Open Proxy Honeypots
Web Security Threat Report: January April 2007 Ryan C. Barnett WASC Member Project Lead: Distributed Open Proxy Honeypots What are we reporting? We are presenting real, live web attack data captured in-the-wild.
More informationIntroduction to Mobile Access Gateway Installation
Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure
More informationPackage httprequest. R topics documented: February 20, 2015
Version 0.0.10 Date 2014-09-29 Title Basic HTTP Request Author Eryk Witold Wolski, Andreas Westfeld Package httprequest February 20, 2015 Maintainer Andreas Westfeld HTTP
More informationConfiguration Guide BES12. Version 12.1
Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...
More informationInformation Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified
Standard: Data Security Standard (DSS) Requirement: 6.6 Date: February 2008 Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Release date: 2008-04-15 General PCI
More informationPríprava štúdia matematiky a informatiky na FMFI UK v anglickom jazyku
Univerzita Komenského v Bratislave Fakulta matematiky, fyziky a informatiky Príprava štúdia matematiky a informatiky na FMFI UK v anglickom jazyku ITMS: 26140230008 dopytovo orientovaný projekt Moderné
More informationDEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH CITRIX PRESENTATION SERVER 3.0 AND 4.5
DEPLOYMENT GUIDE DEPLOYING THE BIG-IP LTM SYSTEM WITH CITRIX PRESENTATION SERVER 3.0 AND 4.5 Deploying F5 BIG-IP Local Traffic Manager with Citrix Presentation Server Welcome to the F5 BIG-IP Deployment
More informationCS640: Introduction to Computer Networks. Applications FTP: The File Transfer Protocol
CS640: Introduction to Computer Networks Aditya Akella Lecture 4 - Application Protocols, Performance Applications FTP: The File Transfer Protocol user at host FTP FTP user client interface local file
More informationivoyeur: permission to parse
D A V I D J O S E P H S E N ivoyeur: permission to parse David Josephsen is the author of Building a Monitoring Infrastructure with Nagios (Prentice Hall PTR, 2007) and Senior Systems Engineer at DBG,
More informationWebsense Content Gateway v7.x: Troubleshooting
Websense Content Gateway v7.x: Troubleshooting Topic 60042 Content Gateway Troubleshooting Updated: 28-October-2013 Dropped HTTPS connections Websites that have difficulty transiting Content Gateway Low
More informationHTTP/2: Operable and Performant. Mark Nottingham @mnot (@akamai)
HTTP/2: Operable and Performant Mark Nottingham @mnot (@akamai) This talk may be disappointing. As we know, there are known knowns; there are things we know we know. We also know there are known unknowns;
More informationSSL Inspection Step-by-Step Guide. June 6, 2016
SSL Inspection Step-by-Step Guide June 6, 2016 Key Drivers for Inspecting Outbound SSL Traffic Eliminate blind spots of SSL encrypted communication to/from the enterprise Maintaining information s communication
More informationConfiguration Guide BES12. Version 12.2
Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining
More informationINUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER
INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER ARCHITECTURE OVERVIEW AND SYSTEM REQUIREMENTS Mathieu SCHIRES Version: 1.0.0 Published March 5, 2015 http://www.inuvika.com Contents 1 Introduction 3 2 Architecture
More informationAplikacija novi vladar poslovanja. Dino Novak F5 Networks
Aplikacija novi vladar poslovanja Dino Novak F5 Networks What is an application nowdays? Device native or HTTP based (no longer on client only) Dynamic (many server GET/PUT requests) Talks to backend service(s)
More informationDeveloping Applications With The Web Server Gateway Interface. James Gardner EuroPython 3 rd July 2006 www.3aims.com
Developing Applications With The Web Server Gateway Interface James Gardner EuroPython 3 rd July 2006 www.3aims.com Aims Show you how to write WSGI applications Quick recap of HTTP, then into the nitty
More informationNetwork Technologies
Network Technologies Glenn Strong Department of Computer Science School of Computer Science and Statistics Trinity College, Dublin January 28, 2014 What Happens When Browser Contacts Server I Top view:
More informationPacket Matching. Paul Offord, Advance7
Packet Matching Paul Offord, Advance7 Relax! Model network Server Farm Client Router / Firewall Firewall Load Balancer LAN 1 Internet 0 2 3 4 5 The challenge Matching packets from PC to 1 st server tier
More informationArrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015
Arrow ECS University 2015 Radware Hybrid Cloud WAF Service 9 Ottobre 2015 Get to Know Radware 2 Our Track Record Company Growth Over 10,000 Customers USD Millions 200.00 150.00 32% 144.1 16% 167.0 15%
More informationRecent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flöter (reyk@openbsd.org)
Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flöter (reyk@openbsd.org) Agenda History & Background Recent work SSL Interception Socket Splicing Filter rewrite relayd buzzword bingo Load Balancer
More informationSophos UTM Web Application Firewall for Microsoft Exchange connectivity
How to configure Sophos UTM Web Application Firewall for Microsoft Exchange connectivity This article explains how to configure your Sophos UTM 9.2 to allow access to the relevant Microsoft Exchange services
More informationThe Application Delivery Controller Understanding Next-Generation Load Balancing Appliances
White Paper Overview To accelerate response times for end users and provide a high performance, highly secure and scalable foundation for Web applications and rich internet content, application networking
More informationWeb Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
More informationLoad Balancing Microsoft Lync 2010 Load Balancing Microsoft Lync 2013. Deployment Guide
Load Balancing Microsoft Lync 2010 Load Balancing Microsoft Lync 2013 Deployment Guide rev. 1.6.1 Copyright 2002 2015 Loadbalancer.org, Inc. 1 Table of Contents About this Guide...4 Loadbalancer.org Appliances
More informationSecurity Intelligenece: tracking obfuscated and unrecognized attacks. 2014 Check Point Software Technologies Ltd.
Security Intelligenece: tracking obfuscated and unrecognized attacks 2014 Check Point Software Technologies Ltd. Security Policy Rule Types: 1 Access People, Applications, Services, Servers, Data 2 Threat
More informationUse FortiWeb to Publish Applications
Tech Brief Use FortiWeb to Publish Applications Replacing Microsoft TMG with a FortiWeb Web Application Firewall Version 0.2, 27 June 2014 FortiWeb Release 5.2.0 Introduction This document is intended
More informationBarracuda Load Balancer Online Demo Guide
Barracuda Load Balancer Online Demo Guide Rev 1.3 October 04, 2012 Product Introduction The Barracuda Networks Load Balancer provides comprehensive IP load balancing capabilities to any IP-based application,
More informationTESTING & INTEGRATION GROUP SOLUTION GUIDE
TESTING & INTEGRATION GROUP SOLUTION GUIDE AppDirecor optimizing the delivery of VMware View 4.5 Contents INTRODUCTION... 2 RADWARE APPDIRECTOR... 2 VMWARE VIEW... 2 RADWARE APPDIRECTOR AND VMWARE VIEW
More informationLoad Balancing Microsoft AD FS. Deployment Guide
Load Balancing Microsoft AD FS Deployment Guide rev. 1.1.1 Copyright 2002 2015 Loadbalancer.org, Inc. Table of Contents About this Guide...4 Loadbalancer.org Appliances Supported...4 Loadbalancer.org Software
More informationA Standard Modest WebSite
A Standard Modest WebSite 3-tier application using Servlets and JDBC HTTP Servlet JDBC JSP...... Servlet DBMS Clients Application Server Roadmap Want to grow to robust enterprise-scale systems: replicated
More informationAvoid Microsoft Lync Deployment Pitfalls with A10 Thunder ADC
WHITE PAPER Avoid Microsoft Lync Deployment Pitfalls with A10 Thunder ADC Table of Contents Introduction...3 Executive Summary...3 High Availability...3 Advanced Load Balancing...4 Global Server Load Balancing...4
More informationIntroduction to the Mobile Access Gateway
Introduction to the Mobile Access Gateway This document provides an overview of the AirWatch Mobile Access Gateway (MAG) architecture and security and explains how to enable MAG functionality in the AirWatch
More informationThe Importance of Secure URL Re-Write
The Importance of Secure URL Re-Write Overview Because of their significant performance benefits and their ability to enable secure content networking, SSL offloaders have emerged as an integral component
More informationIntegrated SSL Scanning
Software Version 9.0 Copyright Copyright 1996-2008. Finjan Software Inc. and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included in this publication are the exclusive
More informationIntroduction to ServerIron ADX Application Switching and Load Balancing. Module 6: Content Switching (CSW) Revision 0310
Introduction to ServerIron ADX Application Switching and Load Balancing Module 6: Content Switching (CSW) Revision 0310 Objectives Upon completion of this module the student will be able to: Define layer
More informationMicrosoft Lync 2010 Deployment Guide
Microsoft Lync 2010 Deployment Guide v1.3.7 Copyright 2013 Loadbalancer.org, Inc. 1 Table of Contents About this Guide... 4 Appliances Supported... 4 Microsoft Lync 2010 Software Versions Supported...4
More informationEffiziente Filter gegen Kinderpornos und andere Internetinhalte. Lukas Grunwald DN-Systems GmbH CeBIT 2010- Heise Forum 2010 Hannover
Effiziente Filter gegen Kinderpornos und andere Internetinhalte Lukas Grunwald DN-Systems GmbH CeBIT 00- Heise Forum 00 Hannover Why Filtering Slow down distributed denial of service attacks (ddos) Filter
More informationProxies. Chapter 4. Network & Security Gildas Avoine
Proxies Chapter 4 Network & Security Gildas Avoine SUMMARY OF CHAPTER 4 Generalities Forward Proxies Reverse Proxies Open Proxies Conclusion GENERALITIES Generalities Forward Proxies Reverse Proxies Open
More informationHAProxy. Ryan O'Hara Principal Software Engineer, Red Hat September 17, 2014. 1 HAProxy
HAProxy Ryan O'Hara Principal Software Engineer, Red Hat September 17, 2014 1 HAProxy HAProxy Overview Capabilities Configuration OpenStack HA Neutron LBaaS Resources Questions 2 HAProxy Overview Load
More informationAchieving PCI Compliance Using F5 Products
Achieving PCI Compliance Using F5 Products Overview In April 2000, Visa launched its Cardholder Information Security Program (CISP) -- a set of mandates designed to protect its cardholders from identity
More informationHTTPS Inspection with Cisco CWS
White Paper HTTPS Inspection with Cisco CWS What is HTTPS? Hyper Text Transfer Protocol Secure (HTTPS) is a secure version of the Hyper Text Transfer Protocol (HTTP). It is a combination of HTTP and a
More informationLoad Balancing Bloxx Web Filter. Deployment Guide
Load Balancing Bloxx Web Filter Deployment Guide rev. 1.1.8 Copyright 2002 2016 Loadbalancer.org, Inc. 1 Table of Contents About this Guide...4 Loadbalancer.org Appliances Supported...4 Loadbalancer.org
More informationDatacenter Transformation
Datacenter Transformation Consolidation Without Compromising Compliance and Security Joe Poehls Solution Architect, F5 Networks Challenges in the infrastructure I have a DR site, but the ROI on having
More informationLBSEC. http://www.liveboxcloud.com
2014 LBSEC http://www.liveboxcloud.com LiveBox Srl does not release declarations or guarantee regarding this documentation and its use and declines any expressed or implied commercial or suitability guarantee
More informationFortiOS Handbook Load Balancing for FortiOS 5.0
FortiOS Handbook Load Balancing for FortiOS 5.0 FortiOS Handbook Load Balancing for FortiOS 5.0 November 6, 2012 01-500-99686-20121106 Copyright 2012 Fortinet, Inc. All rights reserved. Fortinet, FortiGate,
More informationHTTP Caching & Cache-Busting for Content Publishers
HTTP Caching & Cache-Busting for Content Publishers Michael J. Radwin http://public.yahoo.com/~radwin/ OSCON 2005 Thursday, August 4th, 2005 1 1 Agenda HTTP in 3 minutes Caching concepts Hit, Miss, Revalidation
More informationwww.mvatcybernet.com PRODUCT VERSION: LYNC SERVER 2010, LYNC SERVER 2013, WINDOWS SERVER 2008
PRODUCT VERSION: LYNC SERVER 2010, LYNC SERVER 2013, WINDOWS SERVER 2008 With Forefront Threat Management Gateway 2010 now discontinued, we sought a suitable reverse proxy solution that works with Lync
More informationDeployment Guide Microsoft IIS 7.0
Deployment Guide Microsoft IIS 7.0 DG_IIS_022012.1 TABLE OF CONTENTS 1 Introduction... 4 2 Deployment Guide Overview... 4 3 Deployment Guide Prerequisites... 4 4 Accessing the AX Series Load Balancer...
More information<Insert Picture Here> Oracle Web Cache 11g Overview
Oracle Web Cache 11g Overview Oracle Web Cache Oracle Web Cache is a secure reverse proxy cache and a compression engine deployed between Browser and HTTP server Browser and Content
More informationLoad Balancing for Microsoft Office Communication Server 2007 Release 2
Load Balancing for Microsoft Office Communication Server 2007 Release 2 A Dell and F5 Networks Technical White Paper End-to-End Solutions Team Dell Product Group Enterprise Dell/F5 Partner Team F5 Networks
More informationBrocade Virtual Traffic Manager and Oracle EBS 12.1 Deployment Guide
September 2015 Brocade Virtual Traffic Manager and Oracle EBS 12.1 Deployment Guide 2015 Brocade Communications Systems, Inc. All Rights Reserved. ADX, Brocade, Brocade Assurance, the B-wing symbol, DCX,
More informationSticky Session Setup and Troubleshooting
1 Sticky Session Setup and Troubleshooting Day, Date, 2004 time p.m. ET Teleconference Access: US & Canada: 888-259-4812 Teleconference Access: North America: xxxx Toll Number: 706-679-4880 International:
More informationNetScaler: A comprehensive replacement for Microsoft Forefront Threat Management Gateway
NetScaler: A comprehensive replacement for Microsoft Forefront Threat Management Gateway 2 Microsoft s Forefront Threat Management Gateway (TMG) is a network security and protection solution for enterprise
More informationHTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief
ProxySG TechBrief Reverse Proxy with SSL What is Reverse Proxy with SSL? The Blue Coat ProxySG includes the basis for a robust and flexible reverse proxy solution. In addition to web policy management,
More informationProtocolo HTTP. Web and HTTP. HTTP overview. HTTP overview
Web and HTTP Protocolo HTTP Web page consists of objects Object can be HTML file, JPEG image, Java applet, audio file, Web page consists of base HTML-file which includes several referenced objects Each
More informationHow to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG)
How to use mobilecho with Microsoft Forefront Threat Management Gateway (TMG) Introduction Understanding Forefront Threat Management Gateway (TMG) Network Topology Understanding Forefront Threat Management
More informationInterwise Connect. Working with Reverse Proxy Version 7.x
Working with Reverse Proxy Version 7.x Table of Contents BACKGROUND...3 Single Sign On (SSO)... 3 Interwise Connect... 3 INTERWISE CONNECT WORKING WITH REVERSE PROXY...4 Architecture... 4 Interwise Web
More informationDEPLOYMENT GUIDE Version 1.0. Deploying the BIG-IP LTM with Microsoft Windows Server 2008 R2 Remote Desktop Services
DEPLOYMENT GUIDE Version 1.0 Deploying the BIG-IP LTM with Microsoft Windows Server 2008 R2 Remote Desktop Services Deploying the BIG-IP LTM with Microsoft Windows Server 2008 R2 Remote Desktop Services
More informationCNS-200-1I Basic Administration for Citrix NetScaler 9.0
CNS-200-1I Basic Administration for Citrix NetScaler 9.0 This course covers the initial configuration and administration of Citrix NetScaler 9.0. Learners gain an understanding of NetScaler features such
More informationJava Web Application Security
Java Web Application Security RJUG Nov 11, 2003 Durkee Consulting www.rd1.net 1 Ralph Durkee SANS Certified Mentor/Instructor SANS GIAC Network Security and Software Development Consulting Durkee Consulting
More informationCumuLogic Load Balancer Overview Guide. March 2013. CumuLogic Load Balancer Overview Guide 1
CumuLogic Load Balancer Overview Guide March 2013 CumuLogic Load Balancer Overview Guide 1 Table of Contents CumuLogic Load Balancer... 3 Architectural Overview of CumuLogic Load Balancer... 4 How to Use
More informationExamPDF. Higher Quality,Better service!
ExamPDF Higher Quality,Better service! Q&A Exam : 1Y0-A21 Title : Basic Administration for Citrix NetScaler 9.2 Version : Demo 1 / 5 1.Scenario: An administrator is working with a Citrix consultant to
More informationInformation Extraction Art of Testing Network Peripheral Devices
OWASP AppSec Brazil 2010, Campinas, SP The OWASP Foundation http://www.owasp.org Information Extraction Art of Testing Network Peripheral Devices Aditya K Sood, SecNiche Security (adi_ks@secniche.org)
More informationDeploying the Barracuda Load Balancer with Office Communications Server 2007 R2. Office Communications Server Overview.
Deploying the Barracuda Load Balancer with Office Communications Server 2007 R2 Organizations can use the Barracuda Load Balancer to enhance the scalability and availability of their Microsoft Office Communications
More informationLoad Balancing Trend Micro InterScan Web Gateway
Load Balancing Trend Micro InterScan Web Gateway Deployment Guide rev. 1.1.7 Copyright 2002 2015 Loadbalancer.org, Inc. 1 Table of Contents About this Guide... 3 Loadbalancer.org Appliances Supported...
More informationApplication Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide
Application Delivery Controller (ADC) Implementation Load Balancing Microsoft SharePoint Servers Solution Guide January, 2009 North America Radware Inc. 575 Corporate Dr., Lobby 1 Mahwah, NJ 07430 Tel:
More informationWeb applications. Web security: web basics. HTTP requests. URLs. GET request. Myrto Arapinis School of Informatics University of Edinburgh
Web applications Web security: web basics Myrto Arapinis School of Informatics University of Edinburgh HTTP March 19, 2015 Client Server Database (HTML, JavaScript) (PHP) (SQL) 1 / 24 2 / 24 URLs HTTP
More informationHow to Make the Client IP Address Available to the Back-end Server
How to Make the Client IP Address Available to the Back-end Server For Layer 4 - UDP and Layer 4 - TCP services, the actual client IP address is passed to the server in the TCP header. No further configuration
More informationInfrastructure for more security and flexibility to deliver the Next-Generation Data Center
Infrastructure for more security and flexibility to deliver the Next-Generation Data Center Stefan Volmari Manager Systems Engineering Networking & Cloud Today's trends turn into major challenges Cloud
More informationCrawl Proxy Installation and Configuration Guide
Crawl Proxy Installation and Configuration Guide Google Enterprise EMEA Google Search Appliance is able to natively crawl secure content coming from multiple sources using for instance the following main
More information