Application Protection | Webinar CYLK, Westcon and F5

Protect Your Applications and Stay Secure

Vinicius Miranda, Sales Engineer

WestconGroup, vinicius.miranda@westcon.com

© F5 Networks, Inc 2

Agenda

• The Importance of Protecting Your Applications;

• What Is the Difference Between a Traditional Firewall and an Application Firewall?

• Main Attacks Targeting Applications;

• How Does F5 Networks Help Protect Your Applications?

• Questions;

The Importance of Protection for Applications

Business App Security Access

Is Application Protection the Same as Business Protection?

Data Leakage

Credential Theft

Fraud

US$ 81 million

8,695 cases in Brazil between 2014/2015 – PwC 16

How can this reality be demonstrated?

Source: Akamai Report

Traditional Firewall and Application Firewall: What Is the Difference?

Let's understand…

“Next generation” Firewall

Characteristics

• Outbound USER inspection

• Who is doing what?

• “Trusted” users to Internet

Corporate (users)

Web Application Firewall

Data center (servers)

Characteristics

• Inbound APPLICATION protection

• Application delivery focus

• “Untrusted” users to data center

OK… but what is the difference between them?

Multiprotocol Security

IP Reputation

Web Attack Signatures

Web Vulnerabilities Signatures

Automatic Policy Learning

URL, Parameter, Cookie and Form Protection

Leverage Vulnerability Scan Results

Main Attacks Targeting Applications

Credential Theft, Data Leakage, Slow Applications…

SQL Injection

Cross-Site Scripting (XSS)

Parameter Tampering

Vulnerabilities in Web Applications…

7% – 2014

40% – 2016

How to stay protected in this scenario?

How can F5 Networks help?

The New Perimeter Is An App Perimeter

Apps Are The Gateway to Data!

F5

SSL

APP

 | TRADITIONAL NETWORK PERIMETER | PER-APP / PER-USER PERIMETER
SSL-visible | ✖ | ✔
Location-independent | ✖ | ✔
Session-based | ✖ | ✔
Continuous trust verification | ✖ | ✔
Strategic control points | ✖ | ✔
App availability | ✖ | ✔

Let’s talk about Web Application Firewall - WAF

• A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system.

• It prevents targeted attacks that include cross-site scripting, SQL injection, forceful browsing, cookie poisoning and invalid input.

• The F5 BIG-IP® Application Security Manager (ASM) is a Web application firewall that uses both positive and negative security models to identify, isolate and block sophisticated attacks without impacting legitimate application transactions.

The Value Of F5 Hybrid WAF Protection

Secure response delivered

Request made

BIG-IP ASM security policy checked

Server response generated

Vulnerable application

• Drop, block or forward request

• Application attack filtering & inspection

• SSL, TCP, HTTP DoS mitigation

Response inspection for errors and leakage of sensitive information

BIG-IP ASM security policy enforced

• #1 Most Effective WAF (NSS Labs)

• 2780 signatures for best protection

• Enable transparent protection from ever-changing threats

• Reduce risks from vulnerabilities with dynamic VA/DAST integrations

• Engage unique BOT detection (rapid surfing, intervals, event sequence)

• #1 Most Deployed WAF (451 Research)

• 10 of OWASP attacks mitigated with on-box reporting

• Deploy full-proxy or transparent full-proxy (bridge mode)

Mitigate Attacks Across Flexible Environments

Internet

VIPRION Platform

Devices

Data Center

Load Balancing + DDoS Protection + Application Security

BIG-IP ASM

• Protect critical apps in the datacenter

• Install on any BIG-IP platform

• Deploy as an add-on to BIG-IPs in use or run it as a standalone.

Protection in the datacenter

NO APP LEFT UNPROTECTED!

BIG-IP Virtual Edition

Securing apps in the cloud

BIG-IP ASM VE

• Activate security services close to apps that have moved to the cloud

• Accelerate development and test

Cloud-based app protection

Silverline Web App Firewall

• Fast activation of ASM protections

• Managed service for SaaS and tier 2 applications

• 24x7x365 SOC Support

ASM SILVERLINE WAF

PROTECT YOUR APPLICATIONS AND STAY SECURE!!!!!

Next Steps

• Visit us online at www.F5.com/security for more information on F5 security solutions.

• Contact your F5 solution expert to discuss effective security solutions that meet specific needs of your organization and those you do business with.

Edifício Berrini Plaza

Rua Samuel Morse, 134 - 10º andar

Brooklin - São Paulo SP

Tel: +55 11 5054.4480

CEP: 04576-060

E-mail: info@cylk.com.br