Kona Site Defender. Product Description
|
|
- Lily McCormick
- 8 years ago
- Views:
Transcription
1 Kona Site Defender Product Description November 2013
2 TABLE OF CONTENTS Table of Contents 2 Introduction 3 Kona Site Defender Overview 3 Kona Site Defender Features 3 DDoS Mitigation 3 DDoS Fee Protection 4 Web Application Firewall (WAF) 4 Network Layer Controls 4 Application Layer Controls 4 Custom Rules 5 Akamai Common Rules 5 Rate Controls 6 Real Time Reporting 6 Site Shield 6 Adaptive Caching 7 Site Failover 7 Access Controls 7 NetStorage 7 Log Delivery Service 7 Security Monitor 8 Compliance Management 8 User Validation (Optional) 9 DNS Security (Optional) 9 Enhanced Domain Name Service (EDNS) 9 Kona Site Defender Service Management Package (Optional) 9 Kona Site Defender Service Management Package 9 Kona Site Defender Log File and Configuration Review
3 INTRODUCTION KONA SITE DEFENDER OVERVIEW Kona Site Defender leverages a multi-layered toolset designed to defend against sophisticated attacks employing multiple methodologies. Akamai DDoS defense capabilities are always on. This allows the solution to adapt to the unique nature of each attack method in real time. Moreover, Akamai s view of 20-25% of the world s internet traffic provides a unique view into the threat landscape and serves as an underpinning for constantly evolving rules and updates. Customers can thus continually strengthen their defense posture against DDoS without having to make changes to their infrastructure. Kona Site Defender relieves customers from the technical and operational hassles involved in mitigating DDoS, Web application and Direct-to-Origin attacks. Customers leverage Akamai s years of extensive experience in addressing large scale Web site attacks for quicker time to mitigation. Akamai s expert services team is available to work with customers in integrating the components of the solution to maximize the security. Kona Site Defender can be configured to send alerts to both designated customer contacts and Akamai personnel. Akamai Customer Care is available 24/7 to assist with customer calls. KONA SITE DEFENDER FEATURES Kona Site Defender includes the following: Mitigation of Distributed Denial of Service (DDoS) attacks at the network and application layer; a full-featured Web Application Firewall, Origin Cloaking (protection against direct-to-origin attacks); adaptive caching, site failover; access control; Net Storage, Log Delivery Service; the ISO compliance management module and the Security Monitor. The Kona Site Defender Service Management package, HTTPS option, enhanced DNS (edns), GTM, and other compliance management modules are NOT part of Kona Site Defender, and need to be ordered separately. Kona Site Defender: Is available to customers with Aqua Ion, DSA, DSD, RMA, WAA, Terra Alta and existing EdgeSuite implementations Can be sold standalone for use with sites that do not currently need acceleration The Kona Site Defender Service Management Package is recommended for all sales. DDoS Mitigation 3
4 Kona Site Defender leverages the Akamai Intelligent Platform to detect and block malicious traffic at the edge of the Internet, enabling Akamai to stop DDoS attacks at both the application and network layers. The Akamai Intelligent Platform is architected as a reverse proxy and only accepts traffic via ports 80 (HTTP) & 443 (HTTPS). All network layer (Layers 3&4) DDoS attacks are automatically dropped by the Akamai Intelligent Platform. This includes traffic such as UDP Fragments; ICMP Floods; SYN Floods; ACK Floods; RESET Floods; and UDP Floods. The Akamai Intelligent Platform also absorbs DDoS traffic targeted at the application layer such as GET Floods and authenticates valid traffic at the network edge. Protection is also provided for HTTP slow client ( drip feed ) DDoS attacks, such as a Slowloris (sending partial HTTP requests that proliferate endlessly, update slowly, and never close) DDoS and other application layer attacks such as RUDY (r u dead yet). HTTP/S traffic is routed natively in path with minimal to no added latency and no single point of failure. DDoS Fee Protection Attack traffic usually exceeds normal traffic by several orders of magnitude, causing unexpected levels of traffic on the Akamai Intelligent Platform. The DDoS Fee Protection provides protection against the bursting fees by allowing customers to request a credit on invoice following a DDoS attack. For the month in which an eligible attack occurs, actual burst fees are replaced with the capped burst fee amount by issuing a credit memo. DDoS bursting fees are capped $5,000 for an unlimited number of attacks per month. Flexible caching provides offload from origin servers. Web Application Firewall (WAF) Kona Site Defender includes a WAF that provides a highly scalable layer of protection against application layer (Layer 7) attacks. The Web Application Firewall is implemented inline across a majority of Akamai s globally distributed Edge servers. Akamai s WAF helps detect and deflect threats in HTTP and HTTPS traffic, issuing alerts or blocking attack traffic near its source. Network Layer Controls WAF provides the ability to enforce customer-defined IP whitelists and blacklists. List updates are propagated across Akamai s global network usually within 45 minutes, enabling rapid response to attacks. Allows or restricts requests from specific IP addresses to protect customer Origin from application layer attacks Implements IP blacklists and IP whitelists Geo blocking mitigate DDoS attacks emanating from localized regions 10,000 CIDR (Classless Inter-Domain Routing) entries supported. Named lists e.g. Tor (The Onion Router) exit nodes Application Layer Controls WAF includes a rich collection of pre-defined but configurable application-layer firewall rules, which Akamai maintains with regular updates, for different categories such as: Protocol Violations, Request Limit Violations, HTTP Policy Violations, Malicious Robots, Generic and Command Injection Attacks, Trojan Backdoors and Outbound Content Leakage. Implements the Open Web Application Security Project (OWASP) ModSecurity Core Rule Set Continues support for Core Rule Set Includes a upgrade wizard for existing customers to upgrade WAF policies from to Includes anomaly scoring whereby each rule contributes to an overall risk score. Alert/Deny decisions are made based on the total score. 4
5 Enables inspection of HTTP Request/Response Headers and HTTP POST Request/Response Bodies through a series of cascading REGEX rules in order to protect against attacks such as SQL Injections and Cross-Site Scripting. Group Protocol Violations Protocol Anomalies Request Limits HTTP Policy Bad Robots Generic Attacks SQL Injection Attacks XSS Attacks Tight Security Trojans Outbound (Leakage) Description Some protocol violations are common in application layer attacks. Validating HTTP requests eliminates a large number of application layer attacks. Limiting the size and length of different HTTP protocol attributes, such as the number and length of parameters or the overall length of the request can prevent many attacks, including buffer overflow and injection attacks. This rule set enables the user to set limits on many different attributes. Please note, however, that, since such limitations are application- and site-specific, the default rule file must be edited manually to provide these limits Some common HTTP usage patterns are indicative of attacks but may also be used by nonbrowsers for legitimate uses. Enforces protection for standard Request Methods, Content-Types, File Extensions, etc Detects requests by malicious automated programs such as robots, crawlers, and security scanners. Malicious automated programs collect information from a web site, consume bandwidth, and might also search for vulnerabilities on the web site. Detecting malicious crawlers is especially useful against comment spam Detects application-level attacks such as those described in the Open Web Application Security Project (OWASP) Top Ten Project ( This includes attacks such as PHP and Adobe ColdFusion injection attacks. Formerly, in CRS version 1.6.1, this group also included SQL and XSS attacks. Those are now in their own respective groups This group is new to the 2.x CRS and specifically covers SQL Injection attacks This group is new to the 2.x CRS and specifically covers Cross-Site Scripting attacks. Provides rules that screen user-supplied inputs for malicious content or characters that leverage insufficient validation at origin. Detection of attempts to access Trojans already installed on the system. Prevents application error messages and code snippets from being sent to the user. This makes attacking the server much harder and is also a last line of defense if an attack passes through. Custom Rules This feature enables customers to create Akamai metadata-based rules that are enforced after the execution of the Application Layer rules. Custom rules can serve as Virtual Patches in which new website vulnerabilities may be mitigated quickly before standard rules are defined in the WAF. Create policy-based rules that are enforced before or after the execution of the application layer controls. Serve as Virtual Patches for new website vulnerabilities while application is patched and redeployed over time. Configurations done via WAF Fast Channel Akamai Common Rules Akamai professional services have developed rules over the course of the past two years that address some of the most recent threats and attacks against our hundreds of customers. Those rules are updated regularly by Akamai s Threat Intelligence team and are available to all Kona Site Defender customers. The rules protect against attacks such as: Low Orbit Ion Cannon, High Orbit Ion Cannon, HULK, Dirt Jumper, Havij SQL Injection 5
6 Tool, Netsparker, ApacheBench, Webhive, et al Common Rules are available alongside the ModSecurity CRS rules. Rate Controls Kona Site Defender enables a customer to protect both their websites and applications against DDoS attacks by monitoring and controlling the rate of requests against the Akamai Intelligent Platform and customer Origin. Rate Categories can be incorporated as WAF rules thus enabling the customer to dynamically alert and/or block clients exhibiting excessive request rate behaviors. Requests are controlled based on behavior pattern not request structure. Customers can avoid false positives by viewing user agent, cookies, and session ID within the rate control. The Rate Control feature allows the Akamai edge server to differentiate between bots and proxies and identify attacker hiding behind proxies. Kona Site Defender can respond to bursts of requests within seconds. Rate Controls further protect customers by mitigating Slow POST DDoS attacks. POST requests are not sent to the origin until the POST body completes at the edge. POST bodies that take too long to complete are terminated. Real Time Reporting Kona Site Defender supports a logging protocol called Real-Time Reporting. This is a HTTP POST mechanism for sending security events in real-time into a log management or SIEM (Security Information & Event Management) solution at the customer Origin. Site Shield Kona Site Defender includes the ability to cloak (hide) a customer origin from the public Internet. This adds an additional layer of security protection without impeding the quick and reliable delivery of content, regardless of end user location. It is designed to prevent direct-to-origin attacks. Kona Site Defender is designed to prevent direct-to-origin attacks using SiteShield a form of cache-hierarchy that is implemented as a map of Akamai servers. In standard configuration, the access controls create an environment by which the Origin site can only be accessed by IP traffic Originating from a small subset of off Akamai servers referred to as a SiteShield region. Access Control Lists (ACLs) at the customer s firewall will only allow traffic from the SiteShield s server IPs to contact the Origin. This design results in no other machine on the Internet having the ability to directly communicate with the customer Origin At the same time, all of Akamai s distributed Edge servers will continue to have complete access to the current content. This is because Akamai s SiteShield servers are configured to serve as the parent for all Akamai Edge Servers for a specific customer s content. If an Akamai Edge Server needs content that it cannot find from a peer it requests the content from the SiteShield servers. In the event dynamic uncatchable content is requested, the SiteShield server leverages Akamai s advanced routing and protocol acceleration technologies available. As a result, legitimate end-users should always be able to retrieve content quickly and reliably while the Origin remains protected. 6
7 Adaptive Caching Kona Site Defender will cache static objects similar to how transparent proxies honor cache control headers sent by the customer Origin. This provides Origin defense for attacks that target URLs representing static content. Site Failover Websites that rely on centralized infrastructure often find that ensuring uptime is a continuous challenge. A typical solution involves mirroring a Web site at an alternate location; however, this approach creates additional capital and management costs. Site Failover frees companies from these limitations by storing and delivering Web site content from a global network of thousands of servers on the Akamai Intelligent Platform. With Site Failover, content remains available to requesting users. Access Controls Provides the ability to protect content and control access based on user details. The access is controlled using access control system, which authenticates users and enforces authorization policies. NetStorage Kona Site Defender includes NetStorage for the purpose of log retention. NetStorage is enabled by default and must be explicitly disabled if not wanted. Customers are limited to 10 GB of usage. Under normal usage, NetStorage traffic will not be billed. Additional usage will be subject to overage charges. The number of days for which logs are stored is configurable, with 30 days as the default. Log Delivery Service The Log Delivery Service (LDS) provides customers with logs generated from Kona Site Defender and Kona services. Customers can configure how to receive their log deliveries in the Luna control portal. LDS delivers customer logs based on a predetermined schedule and most of the log files will be delivered within a 24-hour period. Due to the distributed nature of Akamai s network, some number of log lines can be delayed and be part of a later delivery. Note that customers must configure the service to begin receiving logs from that point forward. Logs are not available retroactively. 7
8 Security Monitor The Security Monitor provides a dynamic interface enabling users to visually investigate rule activities. Data is displayed in real-time. The Security Monitor provides an important tool for tuning WAF rules. The Security Monitor is a security data visualization solution that incorporates WAF and rate control data in realtime. This significantly improves the customer s ability to investigate WAF activities by supporting advanced filtering, search and eventually notification functions. The Security Monitor also provides the capability to drill down into attack alerts to retrieve detailed information on who is attacking, what they are attacking, what defense capabilities triggered the attack declaration and what specifically was seen in the requests that triggered site defenses. Compliance Management Kona Site Defender includes the ISO compliance management component. This component helps customers understand and validate how their relationship with Akamai impacts their own compliance initiatives. It includes a core base to address generic requirements coupled with the ISO module. 8
9 USER VALIDATION (OPTIONAL) Kona Site Defender validates whether clients attempting to access customer content are real browsers and real users or bots. The module distinguishes between the two by asking the client to follow a redirect, execute a javascript, solve a math problem, and set a cookie with an answer to the math problem. If the client is able to do this, it is allowed to make requests to the origin. DNS SECURITY (OPTIONAL) Enhanced Domain Name Service (EDNS) EDNS provides a secure, robust and scalable outsourced DNS solution designed to reliably direct end users to an organization s Web sites and applications. Configured as an authoritative Secondary DNS service, EDNS is designed to enable the customer to leverage the unparalleled performance, scalability, and reliability of Akamai s distributed global name server platform without changing their existing DNS administration processes. Using EDNS, the customer s primary DNS servers are not directly exposed to end users, therefore mitigating the risk of cache poisoning and denial-of-service attacks. Moreover, EDNS leverages a number of technologies, including IP Anycast, secured zone transfers, router-protected name servers, and non-bind-based DNS to provide customers with a highly secure and fault-tolerant solution. KONA SITE DEFENDER SERVICE MANAGEMENT PACKAGE (OPTIONAL) Kona Site Defender Service Management Package Kona Site Defender Service Management Package is a Professional Services solution that provides on-going expert assistance to keep your Kona Site Defender configuration up-to-date. The Kona Site Defender Service Management Package gives you access to Akamai s Web security experts consultants familiar with the threat landscape and your Web security requirements. Web security experts who help your team keep your Kona Site Defender set up optimized. Kona Site Defender Log File and Configuration Review Kona Site Defender Service Management Package helps you analyze the Kona Site Defender log files via a biannual Log File and Configuration Review. The review covers detailed analysis of your Kona Site Defender log files and configuration. Findings of the analysis are presented in an easy-to-consume report. The report enables better understanding of the voluminous log data. The review focuses on three main areas: Area False Positive Analysis True Positive Analysis Kona Site Defender Configuration Recommendations Description An analysis will be performed to identify those URLs that received valid requests but triggered WAF rules. A list of the URLs triggering such false positives will be provided for review. The False Positive Analysis helps determine the likelihood and impact of triggering false positives for each reviewed rule. This is important when you want to minimize the amount of legitimate (non-attack) traffic being blocked. An analysis will be performed to identify those URLs that received malicious requests and subsequently triggered WAF rules. A list of the URLs receiving (what appear to be) malicious requests will be provided for review. Upon analysis of your Kona Site Defender configuration, Akamai security experts will make recommendations that can help reduce occurrences of false positives and improve Web site security in case of true positives. These may include: Rule configuration changes Web site configuration changes Recommendations to use additional Kona Site Defender features 9
10 Ongoing Expert Support Examples of assistance include: Drafting a customer-specific Kona Site Defender Run Book Providing consultation and discussing best practices around specific change requests Evaluating proposed site changes and advising on potential behavior of existing rules Analyzing events observed by you that have triggered alerts for existing rules Conducting post security-incident analysis and updating the Run book Managing Rate Control buckets & thresholds Implementing minor changes to Kona Site Defender configuration The Akamai Difference Akamai is the leading cloud platform for helping enterprises provide secure, high-performing user experiences on any device, anywhere. At the core of the company s solutions is the Akamai Intelligent Platform providing extensive reach, coupled with unmatched reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit and on Twitter. Akamai Technologies, Inc. Global Headquarters 8 Cambridge Center Cambridge, MA Tel Fax U.S. toll-free 877.4AKAMAI International Offices Unterfoehring, Germany Paris, France Milan, Italy London, England Madrid, Spain Stockholm, Sweden Bangalore, India Sydney, Australia Beijing, China Tokyo, Japan Seoul, Korea Singapore 2013 Akamai Technologies, Inc. All Rights Reserved. Reproduction in whole or in part in any form or medium without express written permission is prohibited. Akamai and the Akamai wave logo are registered trademarks. Other trademarks contained herein are the property of their respective owners. Akamai believes that the information in this publication is accurate as of its publication date; such information is subject to change without notice.
Web Application Vulnerability Scanner: Skipfish
Web Application Vulnerability Scanner: Skipfish Page 1 of 7 EXECUTIVE SUMMARY Skipfish is an automated web application vulnerability scanner available for free download at Google s code website. It is
More informationG-Cloud Service Definition. Atos KONA Site Defender for Cloud IaaS
G-Cloud Service Definition Atos KONA Site Defender for Cloud IaaS Atos Kona Site Defender for Cloud IaaS Atos Kona Site Defender for Cloud IaaS delivers web security without compromise, leveraging the
More informationAKAMAI WHITE PAPER. Accelerate and Protect your E-learning Initiatives using Akamai s Cloud Based Intelligent Platform TM
AKAMAI WHITE PAPER Accelerate and Protect your E-learning Initiatives using Akamai s Cloud Based Intelligent Platform TM TABLE OF CONTENTS EXECUTIVE SUMMARY 1 THE AKAMAI ADVANTAGE 1 ABOUT E-LEARNING 1
More informationSTOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect
STOPPING LAYER 7 ATTACKS with F5 ASM Sven Müller Security Solution Architect Agenda Who is targeted How do Layer 7 attacks look like How to protect against Layer 7 attacks Building a security policy Layer
More informationAkamai Solutions for Cloud Computing. Accelerate, Scale and Fortify Applications and Platforms Running in the Cloud
Akamai Solutions for Cloud Computing Accelerate, Scale and Fortify Applications and Platforms Running in the Cloud Adopting applications from Saas providers Developing new applications for the Cloud Leveraging
More informationAKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.
CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE. Threat > The number and size of cyberattacks are increasing rapidly Website availability and rapid performance are critical factors in determining the success
More informationAKAMAI WHITE PAPER. The Challenges of Connecting Globally in the Pharmaceutical Industry
AKAMAI WHITE PAPER The Challenges of Connecting Globally in the Pharmaceutical Industry The Challenges of Connecting Globally in the Pharmaceutical Industry TABLE OF CONTENTS EXECUTIVE SUMMARY 1 GLOBAL
More informationWeb Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
More informationProtecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall
Protecting against DoS/DDoS Attacks with FortiWeb Web Application Firewall A FORTINET WHITE PAPER www.fortinet.com Introduction Denial of Service attacks are rapidly becoming a popular attack vector used
More informationThe server will respond to the client with a list of instances. One such attack was analyzed by an information security researcher in January 2015.
1 TLP: GREEN 02.11.15 GSI ID: 1086 SECURITY BULLETIN: MS SQL REFLECTION DDOS RISK FACTOR - MEDIUM 1.1 / OVERVIEW / Beginning in October 2014, PLXsert observed the use of a new type of reflection-based
More informationREAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL
REAL-TIME WEB APPLICATION PROTECTION. AWF SERIES DATASHEET WEB APPLICATION FIREWALL AWF Series Web application firewalls provide industry-leading Web application attack protection, ensuring continuity
More informationNSFOCUS Web Application Firewall White Paper
White Paper NSFOCUS Web Application Firewall White Paper By NSFOCUS White Paper - 2014 NSFOCUS NSFOCUS is the trademark of NSFOCUS Information Technology Co., Ltd. NSFOCUS enjoys all copyrights with respect
More informationAkamai to Incapsula Migration Guide
Guide Akamai to Incapsula Migration Guide Introduction Incapsula is an enterprise-grade cloud service that helps companies deliver applications more efficiently and securely. This is accomplished through
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationOn-Premises DDoS Mitigation for the Enterprise
On-Premises DDoS Mitigation for the Enterprise FIRST LINE OF DEFENSE Pocket Guide The Challenge There is no doubt that cyber-attacks are growing in complexity and sophistication. As a result, a need has
More informationHow valuable DDoS mitigation hardware is for Layer 7 Sophisticated attacks
How valuable DDoS mitigation hardware is for Layer 7 Sophisticated attacks Stop DDoS before they stop you! James Braunegg (Micron 21) What Is Distributed Denial of Service A Denial of Service attack (DoS)
More informationAutomated Mitigation of the Largest and Smartest DDoS Attacks
Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application
More information[state of the internet] / SEO Attacks. Threat Advisory: Continuous Uptick in SEO Attacks
TLP: GREEN Issue Date: 1.12.16 Threat Advisory: Continuous Uptick in SEO Attacks Risk Factor High The Akamai Threat Research Team has identified a highly sophisticated Search Engine Optimization (SEO)
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More informationAkamai Security Products
Akamai Security Products Key Areas of Cloud Security for Akamai Protect Web Availability Internet Infrastructure Security Remove Credit Cards Payment Tokenization Web Application Firewall Application Security
More informationSHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper
SHARE THIS WHITEPAPER Top Selection Criteria for an Anti-DDoS Solution Whitepaper Table of Contents Top Selection Criteria for an Anti-DDoS Solution...3 DDoS Attack Coverage...3 Mitigation Technology...4
More information2013 MONITORAPP Co., Ltd.
01 Cloud Computing Overview Intelligent Web Application Firewall For Cloud Infrastructure Introduction 2013 MONITORAPP Co., Ltd. 01 Cloud Computing Overview Cloud-based Web Firewall Overview The new form
More informationFortiWeb 5.0, Web Application Firewall Course #251
FortiWeb 5.0, Web Application Firewall Course #251 Course Overview Through this 1-day instructor-led classroom or online virtual training, participants learn the basic configuration and administration
More informationLoad Balancing Security Gateways WHITE PAPER
Load Balancing Security Gateways WHITE PAPER Table of Contents Acceleration and Optimization... 4 High Performance DDoS Protection... 4 Web Application Firewall... 5 DNS Application Firewall... 5 SSL Insight...
More informationPowered by. Incapsula Cloud WAF
Powered by Incapsula Cloud WAF Enero - 2013 Incapsula Cloud WAF Overview Incapsula Cloud WAF Delivery Model Threat Central 360 Global Threat Detection & Analysis Enables early detection across the entire
More informationA Layperson s Guide To DoS Attacks
A Layperson s Guide To DoS Attacks A Rackspace Whitepaper A Layperson s Guide to DoS Attacks Cover Table of Contents 1. Introduction 2 2. Background on DoS and DDoS Attacks 3 3. Types of DoS Attacks 4
More informationVALIDATING DDoS THREAT PROTECTION
VALIDATING DDoS THREAT PROTECTION Ensure your DDoS Solution Works in Real-World Conditions WHITE PAPER Executive Summary This white paper is for security and networking professionals who are looking to
More informationHow to Evaluate DDoS Mitigation Providers:
Akamai White Paper How to Evaluate DDoS Mitigation Providers: Four Critical Criteria How to Evaluate DDoS Mitigation Providers 2 TABLE OF CONTENTS INTRODUCTION 3 CRITERIA #1: THREAT INTELLIGENCE 3 CRITERIA
More informationContemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited
Contemporary Web Application Attacks Ivan Pang Senior Consultant Edvance Limited Agenda How Web Application Attack impact to your business? What are the common attacks? What is Web Application Firewall
More informationWeb Application Firewall
Web Application Firewall Getting Started Guide August 3, 2015 Copyright 2014-2015 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks
More informationRadware s Attack Mitigation Solution On-line Business Protection
Radware s Attack Mitigation Solution On-line Business Protection Table of Contents Attack Mitigation Layers of Defense... 3 Network-Based DDoS Protections... 3 Application Based DoS/DDoS Protection...
More informationCloudFlare advanced DDoS protection
CloudFlare advanced DDoS protection Denial-of-service (DoS) attacks are on the rise and have evolved into complex and overwhelming security challenges. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com
More informationG-Cloud Service Definition. Atos Web Application Firewall
G-Cloud Service Definition Atos Web Application Firewall Atos Web Application Firewall Atos powered by Akamai delivers a scalable web application firewall solution that maintains the performance and integrity
More informationBasic & Advanced Administration for Citrix NetScaler 9.2
Basic & Advanced Administration for Citrix NetScaler 9.2 Day One Introducing and deploying Citrix NetScaler Key - Brief Introduction to the NetScaler system Planning a NetScaler deployment Deployment scenarios
More informationAcquia Cloud Edge Protect Powered by CloudFlare
Acquia Cloud Edge Protect Powered by CloudFlare Denial-of-service (DoS) Attacks Are on the Rise and Have Evolved into Complex and Overwhelming Security Challenges TECHNICAL GUIDE TABLE OF CONTENTS Introduction....
More informationArrow ECS University 2015 Radware Hybrid Cloud WAF Service. 9 Ottobre 2015
Arrow ECS University 2015 Radware Hybrid Cloud WAF Service 9 Ottobre 2015 Get to Know Radware 2 Our Track Record Company Growth Over 10,000 Customers USD Millions 200.00 150.00 32% 144.1 16% 167.0 15%
More information10 Things Every Web Application Firewall Should Provide Share this ebook
The Future of Web Security 10 Things Every Web Application Firewall Should Provide Contents THE FUTURE OF WEB SECURITY EBOOK SECTION 1: The Future of Web Security SECTION 2: Why Traditional Network Security
More informationSecurity F5 SECURITY SOLUTION GUIDE
F5 SECURITY SOLUTION GUIDE Security Protect your data center and application services, improve user access, optimize performance, and reduce management complexity. 1 WHAT'S INSIDE Data Center Firewall
More informationOut of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet
Out of the Fire - Adding Layers of Protection When Deploying Oracle EBS to the Internet March 8, 2012 Stephen Kost Chief Technology Officer Integrigy Corporation Phil Reimann Director of Business Development
More informationNSFOCUS Web Application Firewall
NSFOCUS Web Application Firewall 1 / 9 Overview Customer Benefits Mitigate Data Leakage Risk Ensure Availability and QoS of Websites Close the Gap for PCI DSS Compliance Collaborative Security The NSFOCUS
More informationSSDP REFLECTION DDOS ATTACKS
TLP: AMBER GSI ID: 1079 SSDP REFLECTION DDOS ATTACKS RISK FACTOR - HIGH 1.1 OVERVIEW / PLXsert has observed the use of a new reflection and amplification distributed denial of service (DDoS) attack that
More informationEnterprise-Grade Security from the Cloud
Datasheet Website Security Enterprise-Grade Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security
More informationEnd-to-End Application Security from the Cloud
Datasheet Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed
More informationManage the unexpected
Manage the unexpected Navigate risks and thrive Today s business world is threatened by a multitude of online security risks. But many organizations simply do not have the resources or expertise to combat
More informationF5 Silverline Web Application Firewall Onboarding: Technical Note
F5 Silverline Web Application Firewall Onboarding: Technical Note F5 Silverline Web Application Firewall Onboarding With organizations transitioning application workloads to the cloud, traditional centralized
More informationWHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats
WHITE PAPER FortiWeb and the OWASP Top 10 PAGE 2 Introduction The Open Web Application Security project (OWASP) Top Ten provides a powerful awareness document for web application security. The OWASP Top
More informationDatacenter Transformation
Datacenter Transformation Consolidation Without Compromising Compliance and Security Joe Poehls Solution Architect, F5 Networks Challenges in the infrastructure I have a DR site, but the ROI on having
More informationCisco Cloud Web Security
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
More informationGuide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst
INTEGRATED INTELLIGENCE CENTER Technical White Paper William F. Pelgrin, CIS President and CEO Guide to DDoS Attacks December 2014 Authored by: Lee Myers, SOC Analyst This Center for Internet Security
More informationImproving Web Application Security: The Akamai Approach to WAF
Improving Web Application Security: The Akamai Approach to WAF Akamai White Paper The Akamai Approach to WAF 2 TABLE OF CONTENTS INTRODUCTION 3 CHALLENGES WITH DEPLOYING WAFS 3 WAF DESIGN PRINCIPLES 4
More informationEnterprise overview. Benefits and features of CloudFlare s Enterprise plan. 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.
Enterprise overview Benefits and features of CloudFlare s Enterprise plan 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com Enterprise overview This paper summarizes the benefits and features
More informationAccount Checkers and Fraud
kamai Technologies Inc. Account Checkers and Fraud Carders in Action VERSION: 2013-0005-G Table of Contents Executive Summary... 2 Observed Behavior... 2 Attacker Tactics, Techniques and Procedures...
More informationSecure Content Delivery Network
Akamai Technologies Inc. Akamai Security and Compliance Secure Content Delivery Network Physical Access Information May 13, 2014 Table of Contents Risk Analysis... 1-2 Physical Access... 2-3 Records...
More informationPowerful, customizable protection for web applications and websites running ModSecurity on Apache/Linux based web-servers
Free ModSecurity Rules from Comodo Powerful, customizable protection for web applications and websites running ModSecurity on Apache/Linux based web-servers This document is for informational purposes
More informationWebsite Security. End-to-End Application Security from the Cloud. Cloud-Based, Big Data Security Approach. Datasheet: What You Get. Why Incapsula?
Datasheet: Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-ofbreed
More informationFortiWeb for ISP. Web Application Firewall. Copyright Fortinet Inc. All rights reserved.
FortiWeb for ISP Web Application Firewall Copyright Fortinet Inc. All rights reserved. Agenda Introduction to FortiWeb Highlights Main Features Additional FortiWEB Services for the ISP FortiWeb Family
More informationJOOMLA REFLECTION DDOS-FOR-HIRE
1 TLP: GREEN GSI ID: 1085 JOOMLA REFLECTION DDOS-FOR-HIRE RISK FACTOR - HIGH 1.1 / OVERVIEW / Following a series of vulnerability disclosures throughout 2014, the popular content management framework Joomla
More informationWEB APPLICATION FIREWALLS: DO WE NEED THEM?
DISTRIBUTING EMERGING TECHNOLOGIES, REGION-WIDE WEB APPLICATION FIREWALLS: DO WE NEED THEM? SHAIKH SURMED Sr. Solutions Engineer info@fvc.com www.fvc.com HAVE YOU BEEN HACKED????? WHAT IS THE PROBLEM?
More informationProtect Your Business and Customers from Online Fraud
DATASHEET Protect Your Business and Customers from Online Fraud What s Inside 2 WebSafe 5 F5 Global Services 5 More Information Online services allow your company to have a global presence and to conveniently
More informationWEB SITE SECURITY. Jeff Aliber Verizon Digital Media Services
WEB SITE SECURITY Jeff Aliber Verizon Digital Media Services 1 SECURITY & THE CLOUD The Cloud (Web) o The Cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating
More informationHealthcare Security and HIPAA Compliance with A10
WHITE PAPER Healthcare Security and HIPAA Compliance with A10 Contents Moving Medicine to the Cloud: the HIPAA Challenge...3 HIPAA History and Standards...3 HIPAA Compliance and the A10 Solution...4 164.308
More informationDDoS Overview and Incident Response Guide. July 2014
DDoS Overview and Incident Response Guide July 2014 Contents 1. Target Audience... 2 2. Introduction... 2 3. The Growing DDoS Problem... 2 4. DDoS Attack Categories... 4 5. DDoS Mitigation... 5 1 1. Target
More informationMingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway
Mingyu Web Application Firewall (DAS- WAF) - - - All transparent deployment for Web application gateway All transparent deployment Full HTTPS site defense Prevention of OWASP top 10 Website Acceleration
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationAutomated Mitigation of the Largest and Smartest DDoS Attacks
Datasheet Protection Automated Mitigation of the Largest and Smartest Attacks Incapsula secures websites against the largest and smartest types of attacks - including network, protocol and application
More informationV-ISA Reputation Mechanism, Enabling Precise Defense against New DDoS Attacks
Enabling Precise Defense against New DDoS Attacks 1 Key Points: DDoS attacks are more prone to targeting the application layer. Traditional attack detection and defensive measures fail to defend against
More informationImperva Cloud WAF. How to Protect Your Website from Hackers. Hackers. *Bots. Legitimate. Your Websites. Scrapers. Comment Spammers
How to Protect Your from Hackers Web attacks are the greatest threat facing organizations today. In the last year, Web attacks have brought down businesses of all sizes and resulted in massive-scale data
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationHow To Block A Ddos Attack On A Network With A Firewall
A Prolexic White Paper Firewalls: Limitations When Applied to DDoS Protection Introduction Firewalls are often used to restrict certain protocols during normal network situations and when Distributed Denial
More informationDDoS Protection on the Security Gateway
DDoS Protection on the Security Gateway Best Practices 24 August 2014 Protected 2014 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by
More informationMulti-Layer Security for Multi-Layer Attacks. Preston Hogue Dir, Cloud and Security Marketing Architectures
Multi-Layer Security for Multi-Layer Attacks Preston Hogue Dir, Cloud and Security Marketing Architectures High-Performance Services Fabric Programmability Data Plane Control Plane Management Plane Virtual
More informationFirst Line of Defense to Protect Critical Infrastructure
RFI SUBMISSION First Line of Defense to Protect Critical Infrastructure Developing a Framework to Improve Critical Infrastructure Cybersecurity Response to NIST Docket # 130208119-3119-01 Document # 2013-044B
More informationWhite Paper A10 Thunder and AX Series Load Balancing Security Gateways
White Paper A10 Thunder and AX Series Load Balancing Security Gateways June 2013 WP_LB FW 062013 Disclaimer This document does not create any express or implied warranty about A10 Networks or about its
More informationImperva s Response to Information Supplement to PCI DSS Requirement Section 6.6
Imperva Technical Brief Imperva s Response to Information Supplement to PCI DSS Requirement Section 6.6 The PCI Security Standards Council s (PCI SSC) recent issuance of an Information Supplement piece
More informationF5 Intelligent DNS Scale. Philippe Bogaerts Senior Field Systems Engineer mailto: p.bogaerts@f5.com Mob.: +32 473 654 689
F5 Intelligent Scale Philippe Bogaerts Senior Field Systems Engineer mailto: p.bogaerts@f5.com Mob.: +32 473 654 689 Intelligent and scalable PROTECTS web properties and brand reputation IMPROVES web application
More informationSecurityDAM On-demand, Cloud-based DDoS Mitigation
SecurityDAM On-demand, Cloud-based DDoS Mitigation Table of contents Introduction... 3 Why premise-based DDoS solutions are lacking... 3 The problem with ISP-based DDoS solutions... 4 On-demand cloud DDoS
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationIJMIE Volume 2, Issue 9 ISSN: 2249-0558
Survey on Web Application Vulnerabilities Prevention Tools Student, Nilesh Khochare* Student,Satish Chalurkar* Professor, Dr.B.B.Meshram* Abstract There are many commercial software security assurance
More informationInformation Technology Policy
Information Technology Policy Enterprise Web Application Firewall ITP Number ITP-SEC004 Category Recommended Policy Contact RA-ITCentral@pa.gov Effective Date January 15, 2010 Supersedes Scheduled Review
More informationFirewalls, NAT and Intrusion Detection and Prevention Systems (IDS)
Firewalls, NAT and Intrusion Detection and Prevention Systems (IDS) Internet (In)Security Exposed Prof. Dr. Bernhard Plattner With some contributions by Stephan Neuhaus Thanks to Thomas Dübendorfer, Stefan
More informationDNS FLOODER V1.1. akamai s [state of the internet] / Threat Advisory
GSI ID: 1065 DNS FLOODER V1.1 RISK FACTOR - HIGH 1.1 OVERVIEW / PLXSert has observed the release and rapid deployment of a new DNS reflection toolkit for distributed denial of service (DDoS) attacks. The
More informationInformation Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified
Standard: Data Security Standard (DSS) Requirement: 6.6 Date: February 2008 Information Supplement: Requirement 6.6 Code Reviews and Application Firewalls Clarified Release date: 2008-04-15 General PCI
More informationWhite paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.
TrusGuard DPX: Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls...
More informationMitigating Denial of Service Attacks. Why Crossing Fingers is Not a Strategy
Mitigating Denial of Service Attacks Why Crossing Fingers is Not a Strategy Introduction Mark Baldwin - Owner of Tectonic Security MSSP and Security Consulting Primarily Work With SMBs DDoS Mitigation
More informationHow To Protect A Web Application From Attack From A Trusted Environment
Standard: Version: Date: Requirement: Author: PCI Data Security Standard (PCI DSS) 1.2 October 2008 6.6 PCI Security Standards Council Information Supplement: Application Reviews and Web Application Firewalls
More informationComplete Protection against Evolving DDoS Threats
Complete Protection against Evolving DDoS Threats AhnLab, Inc. Table of Contents Introduction... 2 The Evolution of DDoS Attacks... 2 Typical Protection against DDoS Attacks... 3 Firewalls... 3 Intrusion
More informationWHITE PAPER. Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager
WHITE PAPER Enhancing Application Delivery and Load Balancing on Amazon Web Services with Brocade Virtual Traffic Manager ALREADY USING AMAZON ELASTIC LOAD BALANCER? As an abstracted service, Amazon ELB
More informationVMware Horizon Mirage Load Balancing
SOLUTION GUIDE VMware Horizon Mirage Load Balancing Solution Guide Version 1.1 July 2014 2014 Riverbed Technology, Inc. All rights reserved. Riverbed, SteelApp, SteelCentral, SteelFusion, SteelHead, SteelScript,
More informationCALNET 3 Category 7 Network Based Management Security. Table of Contents
State of California IFB STPD 12-001-B CALNET 3 Category 7 Network Based Security Table of Contents 7.2.1.4.a DDoS Detection and Mitigation Features... 1 7.2.2.3 Email Monitoring Service Features... 2 7.2.3.2
More informationProtecting Against Application DDoS Attacks with BIG-IP ASM: A Three-Step Solution
Protecting Against Application DDoS Attacks with BIG-IP ASM: A Three-Step Solution Today s security threats increasingly involve application-layer DDoS attacks mounted by organized groups of attackers
More information1 2013 Infoblox Inc. All Rights Reserved. Securing the critical service - DNS
1 2013 Infoblox Inc. All Rights Reserved. Securing the critical service - DNS Dominic Stahl Systems Engineer Central Europe 11.3.2014 Agenda Preface Advanced DNS Protection DDOS DNS Firewall dynamic Blacklisting
More informationHow Web Application Security Can Prevent Malicious Attacks
Securing Enterprise Web Applications for Critical Data Protection and PCI-DSS Compliance Selecting the Right Technology is Essential in Guarding Against Malicious Attacks White_Paper As today s organizations
More informationBridging the gap between COTS tool alerting and raw data analysis
Article Bridging the gap between COTS tool alerting and raw data analysis An article on how the use of metadata in cybersecurity solutions raises the situational awareness of network activity, leading
More informationIntroduction: 1. Daily 360 Website Scanning for Malware
Introduction: SiteLock scans your website to find and fix any existing malware and vulnerabilities followed by using the protective TrueShield firewall to keep the harmful traffic away for good. Moreover
More informationApplication Firewall Overview. Published: February 2007 For the latest information, please see http://www.microsoft.com/iag
Application Firewall Overview Published: February 2007 For the latest information, please see http://www.microsoft.com/iag Contents IAG Application Firewall: An Overview... 1 Features and Benefits... 2
More informationWeb Application Defence. Architecture Paper
Web Application Defence Architecture Paper June 2014 Glossary BGP Botnet DDoS DMZ DoS HTTP HTTPS IDS IP IPS LOIC NFV NGFW SDN SQL SSL TCP TLS UTM WAF XSS Border Gateway Protocol A group of compromised
More informationThe F5 Intelligent DNS Scale Reference Architecture.
The F5 Intelligent DNS Scale Reference Architecture. End-to-end DNS delivery solutions from F5 maximize the use of organizational resources, while remaining agile and intelligent enough to scale and support
More information