DSS ITSEC Conference 2012 - Radware WAF Tech

Presentation from Riga, Latvia. "Data Security Solutions" Ltd. ITSEC Conference.


1. Mitigating Attacks on your Applications & Data With AppWall. Igor Kontsevoy, November 2012
2. Agenda
   • The Solution: AppWall Web Application Firewall
     – Product overview
     – Security
     – Auto Policy Generation
     – Security & Compliance Reporting
     – Role Based Policy
   • Summary
3. The Solution: AppWall
4. Introducing AppWall
   • AppWall™ is a WAF that secures Web applications and enables PCI compliance by:
     – Blocking attacks on Web applications
     – Preventing data theft and manipulation of sensitive data
   • Available either as a Physical or Virtual Appliance.
5. (repeat of slide 4)
6. AppWall Overview
   • Out-of-the-Box PCI Compliance: WAF + IPS (PCI 6.6 & 11.4); PCI Compliance Reporting
   • Fast Implementation: Simple initial deployment; Best in class Auto-Policy Generation
   • Risk Management: Unified and correlated reporting across the network (APSolute Vision SIEM and AppWall); Security reporting
   • Scalability: Cluster deployment; Centralized policy management; Scalable by Device
   • Complete Web App Protection: Full coverage of OWASP Top-10; Negative & positive security models
7. Complete Web Application Protection
   • Signature & Rule Protection: Cross site scripting (XSS); SQL injection, LDAP injection, OS commanding
   • Terminate TCP, Normalize, HTTP RFC: Evasions; HTTP response splitting (HRS)
   • Data Leak Prevention: Credit card number (CCN) / Social Security (SSN); Regular Expression
8. Complete Web Application Protection (continued)
   • Parameters Inspection: Buffer overflow (BO); Zero-day attacks
   • User Behavior: Cross site request forgery; Cookie poisoning, session hijacking
   • Layer 7 ACL: Folder / file level access control; White listing or black listing
   • XML & Web Services: XML validity and schema enforcement
   • Role Based Policy: Authentication; User Tracking
9. Flexible Deployment Strategies
   (diagram: Internet – Router – Firewall – ADC – AppWall – Web Servers, labelled Public IP, Virtual IP and Access IP; AppWall Array)
   • Transparent bridge mode
     – No network topology changes required
     – Transparent to non-HTTP traffic
     – Fail-open interfaces
   • Transparent Reverse proxy
     – HTTP Proxy for maximum security
     – Preserves Original Client IP address
   • Reverse proxy
     – HTTP Proxy for maximum security
   • Cluster deployment
     – ADC farm deployment
     – Auto policy synchronization within the farm
10. Multi-Tenancy
   • AppWall defines a web application by any combination of:
     – Secured Web Server IP/Port
     – Secured Host name
     – Secured Application Tree (Folder)
   • AppWall enables complete multi-tenancy with:
     – Policy separation per Web Application
     – RBAC per Web Application
     – Reporting per Web Application
11. Patent Protected “App Path” Technology
   (diagram: Application Inspection Scope vs. Policy, AppWall vs. other WAFs; labels: “Lightweight Policy, Negative security only”, “Negative + Positive, Intensive security”, “Fully restricted access for others than the App Admin”)
12. AppWall’s Adaptive Auto Policy Generation and Application Visibility
13. Adaptive Auto Policy Generation (1 of 4) – App Mapping
   Reservations.com: /config/, /admin/, /register/, /hotels/, /info/, /reserve/
14. Adaptive Auto Policy Generation (2 of 4) – Threat Analysis (risk analysis per “application-path”)
   • /admin/ – SQL Injection: spoof identity, steal user information, data tampering
   • /register/ – CCN breach: information leakage
   • /info/ – Directory Traversal: gain root access control
   • /reserve/ – Buffer Overflow: unexpected application behavior, system crash, full system compromise
15. Adaptive Auto Policy Generation (3 of 4) – Policy Generation
   • /admin/ – SQL Injection: prevent access to sensitive app sections
   • /register/ – CCN breach: mask CCN, SSN, etc. in responses (e.g. ***********9459)
   • /info/ – Directory Traversal: traffic normalization & HTTP RFC validation
   • /reserve/ – Buffer Overflow: parameters inspection
16. Adaptive Auto Policy Generation (4 of 4) – Policy Activation
   • Time to protect
   • Virtually zero false positives
   • Optimize rules for best accuracy
   • Add tailored application rules
   • Best security coverage
17. Application Visibility – Application Tree View
18. Application Visibility – Parameters View (Cookie, Path Parameter, Query Parameter)
19. Authentication, Single Sign-On, Role Based Policy
20. AppWall Role Based Policy
   Enables defining different security policies for different users, to provide flexible access to the web application while properly securing it.
21. Role Based Policy Delivers:
   • Authentication and login detection
   • Authorization and access control
   • Accounting and Auditing
   • Web based Single Sign On
   • Separation of duties
   • Application Content Control
22. Role Based Policy
   • Defining web app role based security policy
   • Retrieving the users’ group association from LDAP
   • Configure different policies for different roles:
     – Admin
     – Employee
     – Partner
     – Customer
     – Public
23. Radware.com – Employee
24. Radware.com – admin user
25. (no slide text)
26. Role Based Policy
27. Sharing Policy Among Roles
   Different Policies (old):
   • Customer – Access prohibited
   • Partner – Access allowed but CCN masked
   • Employee – Access allowed and sees CCN
   Shared Policy Across Roles (new)
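As an added example, not Radware code and not how AppWall implements it, the role-dependent CCN handling of slides 15 and 27 written as a response filter: Customer denied, Partner sees card numbers masked to the last four digits, Employee sees them in clear. The role names and actions come from slide 27; the candidate regex, the Luhn check and the sample response are constructed here.

```python
import re
from typing import Dict, Tuple

# Candidate card numbers: 13-19 digits, optionally separated by spaces or dashes.
CCN_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

# Per-role actions taken from slide 27; the dictionary itself is constructed here.
ROLE_POLICY: Dict[str, str] = {
    "Customer": "deny",   # access prohibited
    "Partner": "mask",    # access allowed, CCN masked
    "Employee": "allow",  # access allowed, sees CCN
}

# Constructed upstream response for the /register/ path of the deck's example app.
SAMPLE_BODY = "Card 4111 1111 1111 1111 on file; order id 1234567890123."


def luhn_valid(digits: str) -> bool:
    """Luhn check, so long numbers that are not cards (order ids, phone numbers) stay visible."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 if d < 5 else d * 2 - 9
        total += d
    return total % 10 == 0


def mask_ccns(body: str) -> Tuple[str, int]:
    """Mask every Luhn-valid card number, keeping the last 4 digits. Returns (body, count)."""
    count = 0

    def _sub(m: "re.Match[str]") -> str:
        nonlocal count
        digits = re.sub(r"[ -]", "", m.group(0))
        if not luhn_valid(digits):
            return m.group(0)
        count += 1
        return "*" * (len(digits) - 4) + digits[-4:]

    return CCN_CANDIDATE.sub(_sub, body), count


def apply_role_policy(role: str, status: int, body: str) -> Tuple[int, str]:
    """Apply the role's action to an upstream (status, body); unknown roles fail closed."""
    action = ROLE_POLICY.get(role, "deny")
    if action == "deny":
        return 403, "Access prohibited"
    if action == "mask":
        return status, mask_ccns(body)[0]
    return status, body
```

The Luhn check is what keeps the order id in the sample body unmasked while the card number is rewritten; a role that is not in the policy table (for example Public) is treated like Customer.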
28. Security & Compliance Reporting
29. Best Security & Compliance Reports
   • Network and application security correlation reports
   • Dozens of predefined security reports
   • Learning reports detailing learned app resources
   • Audit and access reports
   • PCI Compliance reports
30. AppWall & DefensePro Correlation (chart: AppWall Blocked Attacks, DefensePro Blocked Attacks)
31. The Reporting Dashboard
32. Top Attacks by Source
33. PCI Compliance Summary Report (report columns: PCI Requirement, Compliance Status, Analysis Info, Action Plan)
34. Summary
35. The Cost of Insecurity
36. AppWall Distinctive Competence
   • Cloud Ready Complete ADC solution
   • Unique Network & Application Attack mitigation
   • Adaptive Auto Policy Generation
   • Best security & compliance reports
   • Reduced Cost of Ownership
37. The End