Multi-Layer Security for Multi-Layer Attacks. Preston Hogue Dir, Cloud and Security Marketing Architectures

Transcription:

Multi-Layer Security for Multi-Layer Attacks Preston Hogue Dir, Cloud and Security Marketing Architectures

High-Performance Services Fabric Programmability Data Plane Control Plane Management Plane Virtual Edition Appliance Chassis Network [Physical Overlay SDN] F5 Agility 2014 2

Data Plane Programmability Control Plane Management Plane Virtual Edition Appliance Chassis Virtual Edition Appliance Chassis Network [Physical Overlay SDN]

F5 Security Strategy


Evolving Security Threat Landscape cookie tampering Identity Extraction malware redirected traffic DNS Cache Poisoning SSL renegotiation CSRF Trojans parameter tampering SQL Injection smurf slowloris ICMP Flood spear attack CVE attack phishing UDP DNS malformed flood packet web scraping syn flood HTTP fragmentation brute force recursive GET social DNS Amplification ping of death Phishing XSS key loggers engineering URL tampering HashDos privilege escalations excessive GET/POST sockstress

What does F5 know about security?

Control through context Client Information + Traffic Content + Application Health

1. Client context in security: OS, device, operating system, browser, geolocation, IP intelligence

2. Traffic context in security: XSS, unauthorized access, SYN flood, XSS, SQL injection, fraud

3. Application context in security: v3.1???, app health, server status, software type/version, app vulnerability, resource capacity

You can't secure what you don't know.


Full-proxy architecture WAF WAF Slowloris attack XSS HTTP irule irule HTTP Data leakage SSL renegotiation SSL irule irule SSL SYN flood ICMP flood TCP irule irule TCP Network Firewall


F5 provides comprehensive application security Enterprise Mobility Management Inspecting SSL Web Fraud Protection IP Intelligence DDoS Protection Securing access to applications from anywhere Application Access Management Network Firewall Secure DNS High-Performance IPS Web Application Firewall Protecting your applications regardless of where they live

Built for intelligence, speed and scale Users Concurrent user sessions 200K Concurrent logins 3,000/sec. Resources Throughput 640 Gbps Concurrent connections 288 M DNS query response 12 M/sec SSL TPS (2K keys) 240K/sec Connections per second 12.2 M

Full proxy security BIG-IP APM

BIG-IP ASM Request Reply BIG-IP ASM HTTP Slowloris irule irule HTTP SlowPost SSL Renegotiation irule irule SSL Re-encryption TCP SynFlood irule irule TCP OneConnect BIG-IP AFM BIG-IP AFM

BIG-IP ASM Request Reply BIG-IP ASM HTTP Slowloris irule irule HTTP SlowPost SSL Renegotiation irule irule SSL Re-encryption TCP SynFlood irule irule TCP OneConnect

BIG-IP LTM

F5 Provides Complete Visibility and Control Across Applications and Users Securing access to applications from anywhere Virtual Edition Chassis Appliance Protecting your applications regardless of where they live

Identity and Access Management (IAM) Solution Securing access to applications from anywhere Authentication, Authorization, and SSO to All Apps Secure Web Gateway Internet Internet Apps Internet Apps Web Access Management Remote Access and Application Access Enterprise Apps Virtual Edition Appliance Chassis Mobile Apps Enterprise Mobility Management Federation Cloud, SaaS, and Partner Apps

Application Delivery Firewall (ADF) Solution Protecting your applications regardless of where they live Bringing deep application fluency and price performance to firewall security One Platform Network Firewall Traffic Management Application Security Access Control DDoS Protection SSL DNS Security Web Fraud Protection EAL2+ EAL4+ (in process) DC FW (in process) WAF (in process) DDoS (pending)

F5 provides comprehensive application security Mobile App Management Network DDoS Protection Web Application Firewall Network Access DNS DDoS Protection Application Access Network Firewall SSL DDoS Protection Application DDoS Protection Fraud Protection

F5 security reference architectures Mobile App Management Network DDoS Protection Web Application Firewall Secure Mobility Network Access Secure Exchange DDoS Protection DNS DDoS Protection Web App Firewall Secure Web Gateway Remote Access Network Firewall Secure DNS Secure VDI Application Access Network Firewall Web Access Management SSL DDoS Protection Inspecting SSL Application DDoS Protection Fraud Protection Versafe

Secure Mobility Secure Exchange DDoS Protection Web App Firewall Secure Web Gateway Remote Access Network Firewall Secure DNS Secure VDI Web Access Management Inspecting SSL Versafe

Reference Architectures

F5 Reference Architectures Real solutions for real problems Web Fraud Protection High Performance IPS S/Gi Network Simplification Security for Service Providers Application Services Migration to Cloud DevOps DDoS Protection LTE Roaming Intelligent DNS Scale Cloud Federation Cloud Bursting Secure Web Gateway Benefits Minimize deployment times Reduce security design costs Strengthen security posture

DDoS Protection Reference Architecture Next-Generation Firewall Corporate Users Tier 1 Tier 2 Multiple ISP strategy Network attacks: ICMP flood, UDP flood, SYN flood SSL attacks: SSL renegotiation, SSL flood Financial Services Legitimate Users DDoS Attacker ISPa/b Cloud Scrubbing Service DNS attacks: DNS amplification, query flood, dictionary attack, DNS poisoning Network and DNS IPS HTTP attacks: Slowloris, slow POST, recursive POST/GET Application E-Commerce Subscriber Threat Threat Feed Intelligence Feed Intelligence Scanner Anonymous Proxies Anonymous Requests Botnet Attackers Strategic Point of Control

Identity Federation Architecture On-Premises Infrastructure Corporate Users Users SAML Identity management Multi-factor authentication Attackers SAML Real-time access control Access policy enforcement Access Management Directory Services Corporate Applications Office 365 Google Apps Salesforce SaaS Providers Identity federation Strategic Point of Control

Secure Web Gateway Reference Architecture

Microsoft Threat Management Gateway Deployment

F5's Alternative to Microsoft Threat Management Gateway

Web Fraud Protection architecture diagram A Online Customers Man-in-the-Browser Attacks Copied Pages and Phishing B Online Customers Web Fraud Protection Network Firewall Application C Account Amount Transfer Funds Security Operations Center Automated Transactions Online Customers Customer Scenarios A Malware Detection and Protection B Anti-Phishing C Transaction Analysis Strategic Point of Control

High Performance IPS Reference Architecture

VMware Horizon View Architecture On-Premises Infrastructure HTTPS PCoIP Internal Users SSL Decryption Authentication High Availability PCoIP Proxy VDI Infrastructure HTTPS HTTP/S External Users PCoIP Access Management PCoIP Authentication Strategic Point of Control