Protect Your Applications and Stay Secure
Vinicius Miranda, Sales Engineer
WestconGroup, [email protected]
© F5 Networks, Inc 2
Agenda
• The Importance of Protection for Your Applications;
• What Is the Difference Between a Traditional Firewall and an Application Firewall?
• Main Attacks Targeting Applications;
• How Does F5 Networks Help Protect Your Applications?
• Questions;
The Importance of Protection for Applications
Business App Security Access
Is Protecting the Application the Same as Protecting the Business?
Data Leakage
Credential Theft
Fraud
US$ 81 million
8,695 cases in Brazil between 2014/2015 – PwC 16
How can this reality be verified?
Source: Akamai Report
Traditional Firewall and Application Firewall: What Is the Difference?
Let's understand…
“Next generation” Firewall
Corporate (users)
Characteristics
• Outbound USER inspection
• Who is doing what?
• “Trusted” users to Internet
Web Application Firewall
Data center (servers)
Characteristics
• Inbound APPLICATION protection
• Application delivery focus
• “Untrusted” users to data center
OK… but what is the difference between them?
Multiprotocol Security
IP Reputation
Web Attack Signatures
Web Vulnerabilities Signatures
Automatic Policy Learning
URL, Parameter, Cookie and Form Protection
Leverage Vulnerability Scan Results
Main Attacks Targeting Applications
Credential Theft, Data Leakage, Slow Applications…
SQL Injection
Cross-Site Scripting (XSS)
Parameter Tampering
Vulnerabilities in Web Applications…
7% (2014)
40% (2016)
How to stay protected in this scenario?
How can F5 Networks help?
The New Perimeter Is An App Perimeter
Apps Are The Gateway to Data!
TRADITIONAL NETWORK PERIMETER vs. PER-APP / PER-USER PERIMETER
(columns: TRADITIONAL, APP)
SSL-visible ✖ ✔
Location-independent ✖ ✔
Session-based ✖ ✔
Continuous trust verification ✖ ✔
Strategic control points ✖ ✔
App availability ✖ ✔
Let’s talk about Web Application Firewall - WAF
• A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system.
• It prevents targeted attacks that include cross-site scripting, SQL injection, forceful browsing, cookie poisoning and invalid input.
• The F5 BIG-IP® Application Security Manager is a Web application firewall that uses both positive and negative security models to identify, isolate and block sophisticated attacks without impacting legitimate application transactions.
The Value Of F5 Hybrid WAF Protection
Secure response delivered
Request made
BIG-IP ASM security policy checked
Server response generated
Vulnerable application
• Drop, block or forward request
• Application attack filtering & inspection
• SSL, TCP, HTTP DoS mitigation
Response inspection for errors and leakage of sensitive information
BIG-IP ASM security policy enforced
• #1 Most Effective WAF (NSS Labs)
• 2780 signatures for best protection
• Enable transparent protection from ever-changing threats
• Reduce risks from vulnerabilities with dynamic VA/DAST integrations
• Engage unique BOT detection (rapid surfing, intervals, event sequence)
• #1 Most Deployed WAF (451 Research)
• 10 of OWASP attacks mitigated with on-box reporting
• Deploy full-proxy or transparent full-proxy (bridge mode)
Mitigate Attacks Across Flexible Environments
Internet
VIPRION Platform
Devices
Data Center
Load Balancing + DDoS Protection + Application Security
BIG-IP ASM
• Protect critical apps in the datacenter
• Install on any BIG-IP platform
• Deploy as an add-on to BIG-IPs in use or run it as a standalone.
Protection in the datacenter
NO APP LEFT UNPROTECTED!
BIG-IP Virtual Edition
Securing apps in the cloud
BIG-IP ASM VE
• Activate security services close to apps that have moved to the cloud
• Accelerate development and test
Cloud-based app protection
Silverline Web App Firewall
• Fast activation of ASM protections
• Managed service for SaaS and tier 2 applications
• 24x7x365 SOC Support
ASM SILVERLINE WAF
PROTECT YOUR APPLICATIONS AND STAY SECURE!!!!!
Next Steps
• Visit us online at www.F5.com/security for more information on F5 security solutions.
• Contact your F5 solution expert to discuss effective security solutions that meet specific needs of your organization and those you do business with.
Edifício Berrini Plaza
Rua Samuel Morse, 134 - 10º andar
Brooklin - São Paulo SP
Tel: +55 11 5054.4480
CEP: 04576-060
E-mail: [email protected]