Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

F5 Networks Adds To Oracle Database

3,662 views

Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

F5 Networks Adds To Oracle Database

  1. 1. F5 Adds Solutions for Oracle Database<br />
  2. 2. Announcement Highlights, February 14<br />F5 adds to its portfolio of solutions for Oracle Database<br />New solution combines F5 BIG-IP Application Security Manager with Oracle Database Firewall<br />Solution provides:<br />Strong protection against SQL injection attacks around the web application and database<br />Audit data to correlate security events reported by the web application firewall and database firewall<br />Logs user information for attacks and out-of-policy behavior<br />
  3. 3. Application Trends and Drivers <br />“Webification” of applications<br />Intelligent browsers and applications<br />Increasing regulatory requirements (PCI)<br />Untargeted attacks – BOTs<br />Targeted attacks – (D)DoS<br />Public awareness of breach attempts and data security<br />Tough economy = constrained resources and budgets cuts increased security risks; reduced compliance<br />
  4. 4. Web applications are at risk <br />SANS report<br />Focused on patching Operating Systems<br />80% of vulnerabilities are in web apps<br />60% of the attack vectors are web based<br />Reports from 7Safe and Web Hacking Incidents Database stat that 60% of all breach incidents examined involved SQL injection<br />
  5. 5. F5 and Oracle Solutionsare Engineered to WorkTogether<br />
  6. 6. F5 and Oracle Solutions areEngineered to Work Together<br />
  7. 7. F5 BIG-IP Application Security Manager<br />Provides comprehensive protection of all web application vulnerabilities<br />Logs and reports all application traffic and attacks<br />Enables Layer 2 through Layer 7 protection<br />Learning and Blocking Modes<br />Web attack types<br />SQL Injection<br />
  8. 8. Oracle Database Firewall<br />Real-time database activity monitoring and blocking<br />Responds to each type of threat via either logging, monitoring, alerting, blocking, or substituting<br />Deployed out-of-band or in-band with heterogeneous database environments<br />Available as a virtual appliance<br />
  9. 9. F5 and Oracle Integrated Solution<br />Monitor and block traffic at the web and database layers<br />Application sessions tracked from client, to web, to database, and back<br />When anomalies are detected by ASM, they are logged by both ASM and Oracle DBFW<br />ASM provides user and web context of the attack enabling complete visibility of attack from source IP address, through HTTP page and session to SQL transaction.<br />DBFW can analyze the full SQL transaction to see if the query is out of policy, rather than just a fragment.<br />Ensures that administrators are always able to get consistent, correlated application monitoring data<br />Web tier attacks are blocked by ASM<br />Undetected attacks that get to the database are blocked by DBFW<br />
  10. 10. www.acme.com?id=%27+OR+1%3D1+-<br />How Does it Work?<br />ASM Event<br />User Identity<br />External Users<br />Administrators<br />APPLICATIONS<br />Internal<br />Users<br />NETWORK<br />DATABASES<br />Integrated Log<br />DBFW Management Server <br />Correlated Syslog Event<br />SIEM<br />Web Application traffic is secured with ASM,<br />Database traffic is secured with Database Firewall<br />
  11. 11. Example Report<br />
  12. 12. Case Study: Large Financial in the UK<br />
  13. 13. F5 Networks and Oracle<br />Deliver application and database security event correlation<br />Unity security information management<br />Monitor security more easily<br />Protect applications and databases from unauthorized access<br />Driving joint customer engagements<br />Available now<br />

×