01 Cloud Computing Overview Intelligent Web Application Firewall For Cloud Infrastructure Introduction 2013 MONITORAPP Co., Ltd.
01 Cloud Computing Overview Cloud-based Web Firewall Overview The new form of system form that OS and S/W is installed on the cloud platform Provides in the form of S/W on a Linux-based Appliance Virtualization Install and operate several virtualized web application firewalls on existing appliances Equipments to optimize performance Dedicated equipments is required Appliance Virtualization
Character & Feature Configuration of Web Firewall based on virtual application Provides an application type web firewall to secure the Web in cloud service environment is provided as a separated form such as, or as a Linux-based S/W. ( APP) A company IaaS B company IaaS C company IaaS D company IaaS Gateway MONITORAPP Cloud Web Firewall MONITORAPP is developed to work at Engine Level, and it easily service to provide and recover the infra as a S/W module type by the Gateway.
Character & Feature Configuration of Web Firewall based on virtual application Individual service configuration is possible at the environment existing several appliance by using separated servers for a web firewall. Gateway ( APP) A co. IaaS B co. IaaS C co. IaaS ( APP) A co. B co. C co. Gateway
Character & Feature Main Features Software-based Web Firewall without extra H/W (Linux-based S/W type) Simple Installation based on package installation Reverse Proxy structure that can be operated by basic service DNS setting Powerful Security Features that are same as existing appliance equipments Integrated Management Features based on -based Extension Feature according to the target service or traffic usage Self High Availability(Active-Standby) based on DNS WWW1 : 10.1.1.100:80 a.com : 11.1.1.100:80 WWW2 : 10.1.1.200:8080 b.com : 11.1.1.200:8080 WWW1 Or WWW2 WAF1 WAF2 a.com b.com Client a,com Or b.com www1 www2 www1 www2
Character & Feature Main Security Features Vulnerability Attack Abnormal Request/Response /Data Protection User-defined Detection SQL Injection CSS Cookie Forgery CSRF Forceful Browsing Malicious File Upload Command Injection Directory Access Default Page Access System File Access Web Vulnerability Application Vulnerability Scanner/Proxy/Spambot HTTP Request Flooding Abnormal HTTP Request HTTP Method Restrictions Character Set Limitations Buffer Overflow POST Request Approval Unverified Redirect Application Profiling Session Attack Slow DoS Attack Personal Information Leakage Page Forgery Header Cloaking Error Page Cloaking Directory Listing User Access Rule Keyword Filter Rule IP White List IP Black List Pattern Rule Automatic Detection of the Attacker IP
Character & Feature Management & Auditing Feature Policy Setting Log Analysis and Search Security Auditing Monitoring Statistics and Reporting
03 Expected Effect Expected effects due to the introduction of Web Firewall Existing WAF environment One client per one H/W (Alone Appliance) Virtual WAF environment Many clients with one module (Multiple Application) Purchase and maintenance cost investment per one company Offline physical configuration changes when expansion, changes, moving, building Space occupied by one equipment per one client Electricity usage by equipment building The cost sharing with the cloud service using clients Logical configuration changes and management by Gateway (Provides Self-HA) No additional physical configuration because of software type Almost no additional cost APP Type Easy Configure Cost Reduction TCO Increasing Flexible WAF changing and management Green IT Realization
Thank You MONITORAPP Co.,Ltd. 306, Ace Techno Tower 1st, 197-17, Guro 3-dong, Guro-gu, Seoul, Korea Tel: +82-2-749-0799 Fax: +82-2-749-0798 E-Mail: sales@monitorapp.com Website: www.monitorapp.com