Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

The dramatic growth of online business along with the rise of cloud technologies has been accompanied by a burst of innovative ways to engage customers and drive new business models. It has also brought new security challenges as more customers and transactions are processed through online portals.

The focus of IT security is increasingly moving away from the network and IT infrastructure to the application and software architecture itself, which means IT organizations need to adapt to new security challenges.

  1. Securing Cloud Applications with a Distributed Web Application Firewall (www.riverbed.com, ©2013 Riverbed Technology)
  2. Primary Target of Attack Shifting from Networks and Infrastructure to Applications
     • Networks
     • Infrastructure
     • Applications
  3. Cloud Applications Are Exposed to New Threats
     • Designing for dramatically larger number of users shifts focus towards performance and away from security
     • Cloud applications use off-the-shelf building blocks, in-house services, and 3rd party frameworks – each with individual vulnerabilities
     • Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud
  4. There is a Real Cost of Not Securing Applications. Global headlines. Real business impact.
     • 3 months offline
     • $10,000,000 fined for security breach
     • 500,000 replacement credit cards issued
     • $94,000,000 in remediation costs
     • 40,000,000+ credit card details lost
  5. Beyond $$: Other Business Drivers for Application Security
     Column headings: Compliance; Revenue & Reputation; Best Practices
     • Regulatory Pressures
     • PCI DSS, HIPAA, etc.
     • Opportunity cost of remediation
     • Brand and reputation damage
     • Loss of income
     • Data Privacy Act
     • Security Governance
     • Cross-business collaboration
     • Delegation of responsibility
     • Understand changing risk profiles of your application
     • Due Diligence
  6. Changing Risk Profiles Make it Harder to Secure Cloud Applications
     • Vulnerable third-party software components
     • Malicious requests (e.g. SQL-injection)
     • Cross-site request forgery (CSRF)
     • Authentication and session attacks
     • Cross-site scripting (XSS)
     • URL manipulation
     For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/
  7. Traditional Web Application Firewalls are Not Effective in Cloud Environments
     Traditional solution is inefficient:
     • Dedicated hardware WAF
     • One WAF per deployment
     • Increased capital costs
     • Decreased provisioning agility in a dynamic, virtualized environment
     • Increased management costs without levels of delegation for administration
  8. REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
  9. The Web Application Firewall Must be Massively Scalable & Portable
     • Across CPU, computer, server rack and data center boundaries
     • Across multiple applications at a time (e.g. cloud bursting)
     • Across private, hybrid or public clouds, and small or large traditional data centers
     • Available as virtual appliance and a plug-in
     • Start small, but allow scale up without changes to security solution
     Diagram labels: Public, Private, Data Center, Local Machine
  10. Flexible, Portable Across Platforms
     • Fits into existing infrastructures and processes
     • Available as virtual appliance and a plug-in
     • Can live in a wide variety of components effectively
     • Mixes traditional and virtual technologies
  11. Distributed and Delegated Management
     • 1: Easy, central management with a simple web-based management UI
     • 2: Granular configuration settings for each application and each customer
     • 3: Proactive Monitoring – tuned for each application
     • 4: Multi administrator privileges to handle diverse security policy schemes
     Fits into any – existing or planned – application delivery infrastructure.
     Diagram labels: Public, Private
  12. Securing Cloud Applications with a Distributed Web Application Firewall
     Download the Complete Whitepaper from www.riverbed.com/stingray-appsec
     Follow Us: www.riverbed.com
