- Joshua Carr
Snapt WAF Manual
Version 1.2
February 2018

Contents

Chapter 1: Introduction
Chapter 2: General Usage
  IP Blacklisting IP Groups
  IP Blacklisting IP Access Control
  IP Blacklisting Snapt Blacklist Control
  GeoIP Blacklisting Settings
  GeoIP Blacklisting GeoIP Groups
  GeoIP Blacklisting IP Whitelist
  GeoIP Blacklisting GeoIP Access Control
  Test Cookie Settings
  Test Cookie Whitelist
  Upstream Protection HotLinking
  Upstream Protection HTTP Methods
  WAF Management Rulesets
  WAF Management Rule Triggers
  WAF Management Rule Definitions
  WAF Management Counters
  Attack Mitigation
Chapter 3: Implementation
Chapter 4: Standard Operation
Chapter 5: Reporting

Chapter 1: Introduction

The Snapt Web Application Firewall (WAF) is used to add a layer of security to your web applications. It has a variety of capabilities to prevent denial of service (DoS), SQL injection, cross-site scripting (XSS), and numerous other attack vectors. It does this by intelligently monitoring incoming requests and applying a range of checks to determine whether or not they are legitimate and, if not, whether to block them. In this way, the Snapt WAF protects your servers and ensures your application remains uncompromised and performs optimally.

You are also able to block various IP addresses/ranges of known sources which should not have access to your web applications, as well as entire countries if necessary. In doing so, you can reduce the number of potential sources of attacks significantly, further reducing the risk to your environment.

The WAF works closely with the Accelerator plugin, and if used in conjunction with the Balancer plugin, you are able to benefit from the full Application Delivery Controller (ADC). Your web applications will be more reliable, faster, and more secure.

Chapter 2: General Usage

This manual assumes you have already set up your Snapt install and enabled the WAF plugin. If you have not, please install it from the Modules & Plugins section under the Setup menu.

Almost everything you will need to do regarding the WAF happens under the WAF menu item in the interface. This includes various configuration options, after which a few options need to be applied to your servers configured in the Accelerator in order to selectively enable the WAF.

IP Blacklisting IP Groups

This section facilitates the creation and management of IP groups within the WAF.

IP Groups List
This tab will list all IP Groups currently added to the WAF, and provide facilities to either Edit them to add/remove IP addresses, or Delete them altogether. Editing a group offers similar options to adding a new group, allowing you to add/remove IP addresses/ranges accordingly.

Add New Group
Adding a new group is a simple process. The first step is specifying a unique name. Thereafter, you need to specify the IP addresses/ranges that need to be added in CIDR format. For ease of use, the Subnet is also shown. The example below shows a group called test which was added, with a local IP range included:

IP Blacklisting IP Access Control

This section facilitates implementing global server blocks for any IP groups added to the system as opposed to default settings. This is useful to completely prohibit certain IP addresses/ranges from accessing the server. Note that this will only apply to servers in the Accelerator where the WAF Global Blocks function is enabled.

IP Blacklisting Snapt Blacklist Control

This section facilitates the use of the Snapt-maintained RBLs (Realtime Black Lists), which include various IP addresses/ranges which have been identified as sources of spam, HTTP vulnerability scans, and threats like botnets, amongst others. You are able to selectively enable the use of each of these sources of potential threats to your environment by toggling the relevant option. However, care should be taken with some settings as they may include legitimate users who would then be unable to access your web application. These are disabled/inactive by default.

GeoIP Blacklisting Settings

This section specifies some basic settings for the GeoIP Blacklisting component of the Snapt WAF.

GeoIP.dat
This option specifies the path to the GeoIP.dat file which will be used to identify the location of any IP addresses connecting to your server. Snapt comes with a file included, but you are able to override this to use an alternative file.

Return Code
This option specifies the response the WAF will supply when a GeoIP-based block is applied, allowing you to either immediately close a connection (444) or send a forbidden response (403).

GeoIP Blacklisting GeoIP Groups

This section facilitates the creation of groups which may contain one or more countries, in order to block any connections from these regions as required.

Groups
This tab will list all GeoIP Groups currently added to the WAF, and provide facilities to either Edit them to add/remove countries, or Delete them altogether. Editing a group offers similar options to adding a new group, allowing you to add/remove countries accordingly.

Add Group
Adding a new group is a simple process. The first step is specifying a unique name. Thereafter, you use the dropdown list to specify the countries that need to be added. The example below shows a group called test which was added, with one country included:

GeoIP Blacklisting IP Whitelist

This section is used to add IP addresses/ranges in CIDR format to ensure they are always able to reach your server and are not subject to any other blocks which may be applied.

IPs
This tab provides a simple list of whitelisted IP addresses/ranges, and allows you to delete any entries as necessary. In the example below, the internal network range was whitelisted:

Add IP
This tab facilitates the addition of IP addresses/ranges in the noted CIDR format. Again, the Subnet is shown for ease of use.

GeoIP Blacklisting GeoIP Access Control

This section is identical to the IP Access Control section, except it is based on the GeoIP Groups created. It will block connections from these countries entirely. Note that this will only apply to servers in the Accelerator where the WAF Global Blocks function is enabled, as with the IP Access Control section.

Upstream Protection HotLinking

HotLinking is the process of linking various other content on your server from another, external website. This is sometimes problematic as it could lead to increased bandwidth usage, increased load on your servers, or even a copyright violation. This protection mechanism can prevent your content from being included on other sites. It also includes the ability to list safe domains where HotLinking is allowed. As with many other WAF settings, this needs to be enabled on a per server basis within the Accelerator once configured.

Enable Protection
This enables/disables the HotLink Protection facility.

Protected Extensions
This field is used to specify a comma separated list of extensions which may not be HotLinked.

Safe Domains
This field is used to specify a comma separated list of domains which may access the extensions specified in the Protected Extensions parameter. It also supports the use of wildcards like *.yourdomain.com.
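
The following sketch is an added example, not code from Snapt or from this manual. It shows one way the Protected Extensions and Safe Domains fields could be evaluated against a request's Referer header, so you can test your field values before enabling the protection. The function names, the treatment of an empty Referer, and the sample values are assumptions.

```python
import posixpath
from urllib.parse import urlsplit


def parse_list(field):
    """Split a comma separated settings field into lower-case entries."""
    return [item.strip().lower() for item in field.split(",") if item.strip()]


def host_is_safe(host, safe_domains):
    """Compare the Referer host with each Safe Domains entry."""
    for pattern in safe_domains:
        if pattern.startswith("*."):
            # "*.yourdomain.com" covers subdomains only. Keeping the leading
            # dot in the suffix stops "evilyourdomain.com" from matching.
            suffix = pattern[1:]
            if host.endswith(suffix) and len(host) > len(suffix):
                return True
        elif host == pattern:
            return True
    return False


def referer_host(referer):
    """Return the lower-cased host of a Referer value, or None if unusable."""
    try:
        return urlsplit(referer.strip()).hostname
    except ValueError:
        return None


def is_hotlink_blocked(request_path, referer, protected_exts, safe_domains,
                       allow_empty_referer=True):
    """True when the request should be refused as a hotlink.

    protected_exts and safe_domains are the comma separated strings as they
    would be typed into the two fields. allow_empty_referer is an assumption:
    the manual does not say how a missing Referer is treated.
    """
    path = urlsplit(request_path).path
    ext = posixpath.splitext(path)[1].lstrip(".").lower()
    protected = {entry.lstrip(".") for entry in parse_list(protected_exts)}
    if ext not in protected:
        return False                      # extension is not protected
    if not referer or not referer.strip():
        return not allow_empty_referer    # direct visit or stripped header
    host = referer_host(referer)
    if host is None:
        return True                       # unparseable Referer: refuse
    return not host_is_safe(host.rstrip("."), parse_list(safe_domains))


# Constructed field values for illustration.
EXTS = "jpg, png, gif"
SAFE = "yourdomain.com, *.yourdomain.com"

if __name__ == "__main__":
    samples = [
        ("/img/logo.png", "https://www.yourdomain.com/page"),
        ("/img/logo.png", "https://yourdomain.com.evil.example/"),
        ("/img/logo.png", "https://evil.example/yourdomain.com/"),
        ("/index.html", "https://evil.example/"),
    ]
    for path, referer in samples:
        verdict = "BLOCK" if is_hotlink_blocked(path, referer, EXTS, SAFE) else "allow"
        print(f"{verdict:5}  {path}  <-  {referer}")
```

The host is compared as a whole name or as a dot-anchored suffix, never as a substring of the Referer, which is why the look-alike hosts in the samples are refused.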

Upstream Protection HTTP Methods

There are numerous HTTP request methods available. However, many infrequently used methods have been subject to vulnerabilities or disclosures of sensitive information. Therefore, Snapt includes a facility to block various HTTP methods from being passed to your web servers using this section. The Recommended Defaults button will set only GET, HEAD, POST and PUT to Allowed, as most other methods are not necessary in the majority of environments. This requires servers in the Accelerator to have Content Protection enabled.

WAF Management Rulesets

This section manages the rules in place on the WAF, and provides facilities to create your own ruleset or simply use the default ruleset in place maintained by Snapt.

Rulesets
This tab provides a list of the rulesets currently in place over and above the defaults, and provides the necessary functionality to Edit, Delete, or Enable/Disable any rulesets that have been manually created. For illustrative purposes below, a ruleset called test was created.

Create Ruleset
This tab facilitates the creation of new rulesets using either manually created rulesets or the defaults maintained by Snapt as a template for quicker creation.

WAF Management Rule Triggers

The Rule Triggers section controls when requests are blocked based on scoring, and the triggers are configurable here.

Trigger Sets
This tab is used to manage the trigger sets, and provides the facilities to either access the Internal Rules, Reset the default set, or Edit any set, and Delete manually created sets.

Exception - Internal Rules
Internal Rules have been moved to be enabled by default and can now be added as an exception to all your other rules. You can select the rule from the dropdown box and select your match zone and match value. You can also opt to make this a negative.

Edit Trigger Set
Editing any trigger set opens an editor which provides the facilities to remove or add rules around the Score ID and a numerical value pertaining to each, which needs to be exceeded in order to cause a block. The plus and minus buttons can be used to add/remove triggers as necessary.

WAF Management Rule Definitions

The Rule Definitions section manages all rules in place on the WAF, which is done using strings and regular expressions to match criteria and variables for blocking purposes.

Rules
This tab provides a list of all rules in place, including the default set, and any rules which have been created manually. For those rules which were created manually, you will be provided with the facility to Edit or Delete these accordingly.

Add Rule
This tab provides the necessary configuration options to add any new rules to the WAF.

Negative
This can be enabled to make the rule in question a negative matching rule.

Pattern Type
This option specifies whether a string or regular expression pattern type should be used. It is recommended to use string matches where possible as they are processed faster. All strings must be lower case and matches are case-sensitive.

Rule ID
The first 1,000 ID entries are reserved for internal rules such as protocol mismatch. Typically, rule IDs will start where the default rules listed on the Rules tab end, i.e. higher than 1,500.

Pattern
This field is used to provide the actual pattern you would like to match. As an example, a regular expression pattern type with the pattern foo|bar will match foo or bar, whereas a string pattern type with the same pattern will match only the actual string foo|bar.

Message
This field is used to provide a string describing the pattern, and is used when doing whitelists.

WAF Management Counters

The WAF Score Counters are used to assign the relevant configuration options under the Rule Definitions and Rule Triggers sections.

Counters
This tab shows the Score Counters currently added, and will provide options to Edit and Delete any counters which were manually added in addition to the default counters.

Add Counter
This tab provides the facility to add additional counters for use in the other WAF configuration options as mentioned.

Counter Name
This needs to be added in the format $countername, such as the $SQL and other counters added by default.
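
The sketch below is an added example, not Snapt's code or part of this manual. It models how Rule Definitions, Counters and Rule Triggers fit together: the string versus regular expression pattern types, the reserved rule IDs, and a block only once a counter exceeds its trigger value. The per-rule score field, the $DEMO counter, and all rule and trigger values are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass

RESERVED_MAX_ID = 1000  # the manual reserves the first 1,000 IDs for internal rules


@dataclass(frozen=True)
class Rule:
    rule_id: int
    pattern_type: str      # "str" or "rx"
    pattern: str
    counter: str           # counter name in the $countername format
    score: int             # assumption: points added to the counter on a match
    message: str
    negative: bool = False

    def __post_init__(self):
        if self.rule_id <= RESERVED_MAX_ID:
            raise ValueError(f"rule ID {self.rule_id} is in the reserved range")
        if self.pattern_type not in ("str", "rx"):
            raise ValueError("pattern type must be 'str' or 'rx'")
        if not re.fullmatch(r"\$\w+", self.counter):
            raise ValueError("counter must use the $countername format")
        if self.pattern_type == "str" and self.pattern != self.pattern.lower():
            raise ValueError("string patterns must be lower case")
        if self.pattern_type == "rx":
            re.compile(self.pattern)  # reject an invalid expression early

    def matches(self, value):
        if self.pattern_type == "str":
            hit = self.pattern in value            # literal, case-sensitive
        else:
            hit = re.search(self.pattern, value) is not None
        return hit != self.negative                # a negative rule inverts the result


# Constructed rules: the same pattern text as both pattern types, plus two
# string rules feeding the $SQL counter. IDs start above 1,500 as advised.
SAMPLE_RULES = [
    Rule(1501, "rx", "foo|bar", "$DEMO", 4, "foo or bar (regex)"),
    Rule(1502, "str", "foo|bar", "$DEMO", 8, "literal foo|bar (string)"),
    Rule(1503, "str", "union", "$SQL", 4, "sql keyword union"),
    Rule(1504, "str", "select", "$SQL", 4, "sql keyword select"),
]

# Constructed trigger set: counter name -> value that must be exceeded.
SAMPLE_TRIGGERS = {"$SQL": 4, "$DEMO": 8}


def score_request(value, rules):
    """Sum the score of every matching rule into its counter."""
    scores = {}
    for rule in rules:
        if rule.matches(value):
            scores[rule.counter] = scores.get(rule.counter, 0) + rule.score
    return scores


def evaluate(value, rules=SAMPLE_RULES, triggers=SAMPLE_TRIGGERS):
    """Return (blocked, scores, exceeded_counters) for one request value."""
    scores = score_request(value, rules)
    exceeded = sorted(name for name, total in scores.items()
                      if name in triggers and total > triggers[name])
    return bool(exceeded), scores, exceeded


if __name__ == "__main__":
    for sample in ("q=foo", "q=foo|bar", "team=select committee",
                   "id=1 union select 1"):
        blocked, scores, exceeded = evaluate(sample)
        print(f"{'BLOCK' if blocked else 'allow':5}  {sample!r}  {scores}  {exceeded}")
```

A single keyword hit ("team=select committee") reaches the $SQL trigger value without exceeding it and is allowed, which is the effect of scoring across rules rather than blocking on the first match.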

Attack Mitigation

The Attack Mitigation mode is a last resort, applied to Accelerator servers in order to maintain application availability during an ongoing attack. It does this by applying stringent limits on the requests per second, and per minute, and active connections per IP address. Once activated, the following limits are applied:

- 5 requests per second per IP address, with bursts up to 120 requests
- 60 requests per minute, with bursts up to 300 requests
- A maximum of 10 active connections per IP address

It is also advisable to disable the PageSpeed module on any servers under attack as it is very CPU-intensive.

Chapter 3: Implementation

In the introduction to Chapter 2, we explained how after configuring the WAF, the WAF on Accelerator servers needs to be selectively enabled. This is done via the Front-ends menu options under the Accelerator menu for HTTP and SSL servers. Once here, click Settings for any front-end server(s) to be prompted with the following configuration menu. A few additional WAF-related options will not be listed in the Accelerator Manual since they only become available once the WAF plugin is installed and configured.

WAF Global Blocks
This option facilitates enabling/disabling the Global Blocks for this server. This includes the IP blacklists, for example.

WAF Content Protection
This option facilitates enabling/disabling the content protection for this server. This includes the HotLink Protection, for example.

WAF Ruleset
This option facilitates selecting the rulesets which should apply to this server. The default ruleset and any manually created rulesets will be available for selection.
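
Before enabling Attack Mitigation on a front-end, it helps to see what the limits listed under Attack Mitigation in Chapter 2 mean for a single client. The simulation below is an added example, not Snapt's implementation. The manual does not say how bursts are counted, so it assumes a token bucket per IP address whose capacity equals the burst figure, with both request limits applied together. The class names and the client address are assumptions.

```python
from collections import defaultdict

TOKEN = 1000  # one request costs 1000 milli-tokens (keeps the arithmetic in integers)


class TokenBucket:
    """Bucket refilled at a fixed rate and capped at the burst size."""

    def __init__(self, tokens_per_second, burst):
        self.refill_per_ms = tokens_per_second  # milli-tokens gained per millisecond
        self.capacity = burst * TOKEN
        self.level = self.capacity              # a new client starts with a full burst
        self.last_ms = None

    def refill(self, now_ms):
        if self.last_ms is not None:
            gained = (now_ms - self.last_ms) * self.refill_per_ms
            self.level = min(self.capacity, self.level + gained)
        self.last_ms = now_ms


class MitigationLimiter:
    """Per-IP limits from the Attack Mitigation section."""

    PER_SECOND = (5, 120)   # 5 requests/second, bursts up to 120
    PER_MINUTE = (1, 300)   # 60 requests/minute = 1/second, bursts up to 300
    MAX_CONNECTIONS = 10    # active connections per IP address

    def __init__(self):
        self.buckets = {}
        self.active = defaultdict(int)

    def allow_request(self, ip, now_ms):
        if ip not in self.buckets:
            self.buckets[ip] = (TokenBucket(*self.PER_SECOND),
                                TokenBucket(*self.PER_MINUTE))
        pair = self.buckets[ip]
        for bucket in pair:
            bucket.refill(now_ms)
        # The request passes only if both limits still have a token.
        if all(bucket.level >= TOKEN for bucket in pair):
            for bucket in pair:
                bucket.level -= TOKEN
            return True
        return False

    def open_connection(self, ip):
        if self.active[ip] >= self.MAX_CONNECTIONS:
            return False
        self.active[ip] += 1
        return True

    def close_connection(self, ip):
        if self.active[ip] > 0:
            self.active[ip] -= 1


def simulate(interval_ms, duration_ms, ip="192.0.2.10"):
    """Count accepted requests for one client sending every interval_ms."""
    limiter = MitigationLimiter()
    return sum(limiter.allow_request(ip, t)
               for t in range(0, duration_ms, interval_ms))


def accepted_connections(attempts, ip="192.0.2.10"):
    """Count how many of `attempts` simultaneous connections are accepted."""
    limiter = MitigationLimiter()
    return sum(limiter.open_connection(ip) for _ in range(attempts))


if __name__ == "__main__":
    print("1 request every 2 s for 60 s:", simulate(2000, 60_000), "of 30 accepted")
    print("20 requests/s for 60 s:     ", simulate(50, 60_000), "of 1200 accepted")
    print("12 simultaneous connections:", accepted_connections(12), "accepted")
```

Under these assumptions a client browsing at a normal pace is unaffected, while a client sending 20 requests per second is cut to roughly the per-minute burst plus refill.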

Chapter 4: Standard Operation

After the successful configuration of the WAF, the next step is the control and maintenance thereof. The majority of the functions are available on the WAF Dashboard. Here you will see several tabs as follows:

Dashboard
Various statistics and values are displayed, such as the overall status of the WAF. This includes packet and data rates, the number of connections to any servers, and an overview of the blocks occurring.

Throughput
The Throughput tab displays live graphs of inbound and outbound packets, data rates, and dropped packets, and is useful as a way to monitor sudden traffic spikes.

Log Monitor
The Log Monitor tab will display basic logging information at a glance, including blocks and limits.

Modules
The Modules tab shows the status of the WAF modules and whether any of them are potentially unavailable or not properly installed.

Reference Lookup
The Reference Lookup tab is your go-to place to investigate user issues. Any block that occurs during a request from a user will display a page which provides a reference code that can be used to identify the incident in your logs.

Chapter 5: Reporting (in Reporting Menu)

A key component of your Snapt WAF is the ability to generate reports from the Reports menu of the blocks caused. As other modules are necessary to use the WAF, the screenshot below represents a full ADC configuration with the WAF Report(s) available, along with the Balancer and Accelerator Reports.

The WAF will add 1 report to this module as follows:

WAF Block Report
This provides an overview of the blocks occurring from the WAF.
More informationManaging Latency in IPS Networks
Revision C McAfee Network Security Platform (Managing Latency in IPS Networks) Managing Latency in IPS Networks McAfee Network Security Platform provides you with a set of pre-defined recommended settings
More information12/05/2017. Geneva ServiceNow Security Management
12/05/2017 Security Management Contents... 3 Security Incident Response...3 Security Incident Response overview... 3 Get started with Security Incident Response... 6 Security incident creation... 40 Security
More informationMX Control Console. Administrative User Manual
MX Control Console Administrative User Manual This Software and Related Documentation are proprietary to MX Logic, Inc. Copyright 2003 MX Logic, Inc. The information contained in this document is subject
More informationThe Barracuda Web Application Firewall Versus Anonymous. Best Practices for Planning and Defending Against Attacks by Anonymous.
The Barracuda Web Application Firewall Versus Anonymous Best Practices for Planning and Defending Against Attacks by Anonymous White Paper The security analysts at Barracuda Central have been continuously
More informationMail Assure Quick Start Guide
Mail Assure Quick Start Guide Version: 11/15/2017 Last Updated: Wednesday, November 15, 2017 CONTENTS Getting Started with Mail Assure 1 Firewall Settings 2 Accessing Mail Assure 3 Incoming Filtering 4
More informationApplication Security. Rafal Chrusciel Senior Security Operations Analyst, F5 Networks
Application Security Rafal Chrusciel Senior Security Operations Analyst, F5 Networks r.chrusciel@f5.com Agenda Who are we? Anti-Fraud F5 Silverline DDOS protection WAFaaS Threat intelligence & malware
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 3 Protecting Systems Objectives Explain how to harden operating systems List ways to prevent attacks through a Web browser Define
More informationHow does the Excalibur Technology SPAM & Virus Protection System work?
How does the Excalibur Technology SPAM & Virus Protection System work? All e-mail messages sent to your e-mail address are analyzed by the Excalibur Technology SPAM & Virus Protection System before being
More informationWHITE PAPER HIGH-FIDELITY THREAT INTELLIGENCE: UNDERSTANDING FALSE POSITIVES IN A MULTI-LAYER SECURITY STRATEGY
WHITE PAPER HIGH-FIDELITY THREAT INTELLIGENCE: UNDERSTANDING FALSE POSITIVES IN A MULTI-LAYER SECURITY STRATEGY Dave Dubois, Global Security Product Management Version: 1.0, Jan 2018 A Multi-Layer Approach
More informationBeyond Blind Defense: Gaining Insights from Proactive App Sec
Beyond Blind Defense: Gaining Insights from Proactive App Sec Speaker Rami Essaid CEO Distil Networks Blind Defense Means Trusting Half Your Web Traffic 46% of Web Traffic is Bots Source: Distil Networks
More informationWordPress Security Plugins vs. WAF Services. A Comparative Test of WAF Accuracy in Security Solutions
WordPress Security Plugins vs. WAF Services A Comparative Test of WAF Accuracy in Security Solutions Contents Abstract... 3 Introduction... 3 WAF Evaluation Criteria... 4 Results... 5 Pattern Analysis...
More informationF5 Big-IP Application Security Manager v11
F5 F5 Big-IP Application Security Manager v11 Code: ACBE F5-ASM Days: 4 Course Description: This four-day course gives networking professionals a functional understanding of the BIG- IP LTM v11 system
More informationComodo cwatch Web Security Software Version 3.0
rat Comodo cwatch Web Security Software Version 3.0 Website Administrator Guide Guide Version 3.0.050918 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction to
More informationControl for CloudFlare - Installation and Preparations
Control for CloudFlare - Installation and Preparations Installation Backup your web directory and Magento 2 store database; Download Control for CloudFlare installation package; Copy files to /app/firebear/cloudflare/
More informationFIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?
WHAT IS FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT? While firewalls started life simply protecting networks from outside hacks and attacks, the role of the firewall has greatly evolved to take
More informationIPv6 Firewall Support for Prevention of Distributed Denial of Service Attacks and Resource Management
IPv6 Firewall Support for Prevention of Distributed Denial of Service Attacks and Resource Management IPv6 zone-based firewalls support the Protection of Distributed Denial of Service Attacks and the Firewall
More informationCisco SSL Encryption Utility
About SSL Encryption Utility, page 1 About SSL Encryption Utility Unified ICM web servers are configured for secure access (HTTPS) using SSL. Cisco provides an application called the SSL Encryption Utility
More informationEncrypted Traffic Security (ETS) White Paper
Encrypted Traffic Security (ETS) White Paper The rapid rise in encrypted traffic is changing the security landscape. As more organizations become digital, an increasing number of services and applications
More informationCorrigendum 3. Tender Number: 10/ dated
(A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial
More informationQualys Cloud Platform
Qualys Cloud Platform Quick Tour The Qualys Cloud Platform is a platform of integrated solutions that provides businesses with asset discovery, network security, web application security, threat protection
More informationDPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0
DPX8000 Series Deep Service Switching Gateway User Configuration Guide Firewall Service Board Module v1.0 i Hangzhou DPtech Technologies Co., Ltd. provides full- range technical support. If you need any
More informationDeploy the Firepower Management Center Virtual On the AWS Cloud
Deploy the Firepower Management Center Virtual On the AWS Cloud Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you define.
More informationDDoS Protector. Simon Yu Senior Security Consultant. Block Denial of Service attacks within seconds CISSP-ISSAP, MBCS, CEH
DDoS Protector Block Denial of Service attacks within seconds Simon Yu Senior Security Consultant CISSP-ISSAP, MBCS, CEH 2012 Check Point Software Technologies Ltd. [PROTECTED] All rights reserved. 2012
More informationPass4sure q. Cisco Securing Cisco Networks with Sourcefire IPS
Pass4sure.500-285.42q Number: 500-285 Passing Score: 800 Time Limit: 120 min File Version: 6.1 Cisco 500-285 Securing Cisco Networks with Sourcefire IPS I'm quite happy to announce that I passed 500-285
More informationNoction Flow Analyzer
INSTALLATION & CONFIGURATION GUIDE Copyright 2018 Noction Inc. Table of Contents Introduction...3 What is Noction Flow Analyzer...3 System Requirements...3 Hardware requirements...3 Software requirements...3
More informationClientNet. Portal Admin Guide
ClientNet Portal Admin Guide Document Revision Date: June 5, 2013 ClientNet Portal Admin Guide i Contents Introduction to the Portal... 1 About the Portal... 1 Logging On and Off the Portal... 1 Language
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.
More informationComodo cwatch Web Security Software Version 4.6
rat Comodo cwatch Web Security Software Version 4.6 Website Administrator Guide Guide Version 4.6.121018 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Table of Contents 1 Introduction to
More informationOWASP Top 10. Copyright 2017 Ergon Informatik AG 2/13
Airlock and the OWASP TOP 10-2017 Version 2.1 11.24.2017 OWASP Top 10 A1 Injection... 3 A2 Broken Authentication... 5 A3 Sensitive Data Exposure... 6 A4 XML External Entities (XXE)... 7 A5 Broken Access
More informationCisco Threat Awareness Service - Quick Start Guide. Last Updated: 16/06/16
Cisco Threat Awareness Service - Quick Start Guide. Last Updated: 16/06/16 Contents Introduction... 1 Intended Use... 1 Portal Navigation... 2 Registering a Network Resource... 2 Adding the Network Resource
More informationASA Access Control. Section 3
[ 39 ] CCNP Security Firewall 642-617 Quick Reference Section 3 ASA Access Control Now that you have connectivity to the ASA and have configured basic networking settings on the ASA, you can start to look
More information