F5 Networks Adds To Oracle Database

3,627 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
3,627
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
80
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • User logs into a web applicationF5 identifies possible SQL injection eventSecurity event containint use and web app info is sent from ASM to DBFW via an iRuleDBFW correlates the ASM event with the database traffic logDBFW take an appropriate action (block, alert, pass)Correlated even data is sent to SIEM logEnriched data is available for reporting and forensic analysisIntegrated report is available for distributionIntegrated log entry is generated and stored in DBFW
  • F5 Networks Adds To Oracle Database

    1. 1. F5 Adds Solutions for Oracle Database<br />
    2. 2. Announcement Highlights, February 14<br />F5 adds to its portfolio of solutions for Oracle Database<br />New solution combines F5 BIG-IP Application Security Manager with Oracle Database Firewall<br />Solution provides:<br />Strong protection against SQL injection attacks around the web application and database<br />Audit data to correlate security events reported by the web application firewall and database firewall<br />Logs user information for attacks and out-of-policy behavior<br />
    3. 3. Application Trends and Drivers <br />“Webification” of applications<br />Intelligent browsers and applications<br />Increasing regulatory requirements (PCI)<br />Untargeted attacks – BOTs<br />Targeted attacks – (D)DoS<br />Public awareness of breach attempts and data security<br />Tough economy = constrained resources and budgets cuts increased security risks; reduced compliance<br />
    4. 4. Web applications are at risk <br />SANS report<br />Focused on patching Operating Systems<br />80% of vulnerabilities are in web apps<br />60% of the attack vectors are web based<br />Reports from 7Safe and Web Hacking Incidents Database stat that 60% of all breach incidents examined involved SQL injection<br />
    5. 5. F5 and Oracle Solutionsare Engineered to WorkTogether<br />
    6. 6. F5 and Oracle Solutions areEngineered to Work Together<br />
    7. 7. F5 BIG-IP Application Security Manager<br />Provides comprehensive protection of all web application vulnerabilities<br />Logs and reports all application traffic and attacks<br />Enables Layer 2 through Layer 7 protection<br />Learning and Blocking Modes<br />Web attack types<br />SQL Injection<br />
    8. 8. Oracle Database Firewall<br />Real-time database activity monitoring and blocking<br />Responds to each type of threat via either logging, monitoring, alerting, blocking, or substituting<br />Deployed out-of-band or in-band with heterogeneous database environments<br />Available as a virtual appliance<br />
    9. 9. F5 and Oracle Integrated Solution<br />Monitor and block traffic at the web and database layers<br />Application sessions tracked from client, to web, to database, and back<br />When anomalies are detected by ASM, they are logged by both ASM and Oracle DBFW<br />ASM provides user and web context of the attack enabling complete visibility of attack from source IP address, through HTTP page and session to SQL transaction.<br />DBFW can analyze the full SQL transaction to see if the query is out of policy, rather than just a fragment.<br />Ensures that administrators are always able to get consistent, correlated application monitoring data<br />Web tier attacks are blocked by ASM<br />Undetected attacks that get to the database are blocked by DBFW<br />
    10. 10. www.acme.com?id=%27+OR+1%3D1+-<br />How Does it Work?<br />ASM Event<br />User Identity<br />External Users<br />Administrators<br />APPLICATIONS<br />Internal<br />Users<br />NETWORK<br />DATABASES<br />Integrated Log<br />DBFW Management Server <br />Correlated Syslog Event<br />SIEM<br />Web Application traffic is secured with ASM,<br />Database traffic is secured with Database Firewall<br />
    11. 11. Example Report<br />
    12. 12. Case Study: Large Financial in the UK<br />
    13. 13. F5 Networks and Oracle<br />Deliver application and database security event correlation<br />Unity security information management<br />Monitor security more easily<br />Protect applications and databases from unauthorized access<br />Driving joint customer engagements<br />Available now<br />

    ×