Maximum Security, Zero Compromise in Availability and Performance

Size: px
Start display at page:

Download "Maximum Security, Zero Compromise in Availability and Performance"

Transcription

1 Maximum Security, Zero Compromise in Availability and Performance Presented by: Teong Eng Guan MD ASEAN

2 2 2 Agenda Who is F5 and what to we do? IT Challenges Web Application Security Why & How? Total Defense with F5 Conclusion

3 3 As of 8 p.m last night

4 4 F5 is everywhere and in Vietnam! Impacting Everyone!

5 5 So what do we do? Help you and our customers to provide a better Application Experience Providing Technologies to accelerate the deployment and performance of Applications Offering solutions to secure the access and usage of applications Load balancing and Traffic management comes with the package anyway We make applications work.

6 6 Let s understand more about Application Delivery Networking (ADN)? Users Applications At Home In the Office On the Road Application Delivery Network SAP Microsoft Oracle/BE A IBM VMWare User Experience ADN provides the best secured user experience optimally and non-intrusively.

7 7 F5 Understands Businesses We understand Businesses want to be the leaders in their industry Businesses want to meet and exceed their Market Research Index (MRI) Businesses need to bring in more users/subscribers/customers/transactions Businesses have growth concerns Businesses do not have unlimited resources Businesses need to be protected from Security threats We understand that the key factor why organizations succeed is because they provide the Best User Experience to their customers.

8 Web Application Security The Why and How?

9 9 Web Application Trends and Technologies Network Load High Traffic Low Traffic Web 1.0 Audio & Video downloads File transfers Basic HTML Flat web pages Web 2.0 SOA SaaS AJAX Silverlight/Flex 3 RIA Audio & Video streaming Less More Application Complexity

10 The Challenge: Attacks are Moving Up the Stack 10 Network Threats Application Threats 90% of security investment focused here 75% of attacks focused here Source: Gartner

11 Perimeter Security (Physical World) 11

12 12 Enterprise Perimeter Security (EPS) Network Access Protection (Layer 1 3) Protocol Access Protection (Layer 4 6) Application Access Protection (Layer 7) IPS Web App Web App Web App Botnet Prevent only network attacks by IP address, port and service number Detect known signatures No application and session awareness No SSL protection Scale for the enterprise Reduce costly development and audit effort Prevent web attacks such as DDoS, SQL Injection, Cross Site Scripting, etc. PCI Compliance

13 13 Network Firewalls vs. Application Firewalls Network Firewalls Manage network traffic Protection At Network Layer 3 Manage Access to Corporate LAN s Simple Forwarding Of Approved Packets Configured Port 80/443 (HTTP/S) For Open Access Application Firewalls Manage web traffic Protection At Application Layer 7 Monitor HTTP/S & XML Protocols Protect Application & Backend Data From Malicious Attack s & Unauthorized Usage Deep Packet Inspection Of All Traffic To And From The Web Servers Packet Inspection Deep Stream Inspection

14 14 14 Addressing the Vulnerabilities: Web Application Firewalls, Web Access Gateways Attack Signature mitigation (inspect, generic) Full proxy WAF (proxy, inspect, rewrite) Web Access Gateway ( encrypt, sso, aaa)

15 15 Improved PCI Compliance Reporting PCI reporting: Details security measures required by PCI DSS 1.2 Compliancy state Steps required to become compliant

16 16 Layer 7 DDoS Protection DDoS Botnet L7 DDoS Traffic Signature is exactly the same as Good User. F5 intelligent L7 DDoS Blocking Good User Online Payment Service Online Payment Service is unaffected by L7 DDoS Attacks.

17 17 DNSsec Compliance Securing the DNS Infrastructure, Traditional DNS is insecure DNSsec secured site Recursive Name server DNS Servers Hacker F5 can sign any dynamically generated / load balanced DNS response F5 can transparently sign responses for existing BIND servers

18 18 SSL 2048 Bit Key Compliance o F5 supports 512 through 4096 bit SSL keys o 1024 bit length keys are considered insecure by NIST as of 12/31/10 o 2048 bit is ~5x more expensive to compute than 1024 bit handshake o 4096 bit is ~6x more expensive to compute than 2048 bit handshake

19 19 FIPS Compliance Why FIPS? The loss of private keys is considered to be a disaster because they can be used to: decrypt sensitive transactions in flight (Man In The Middle Attack) masquerade as the provider by using the keys to make more authentic phishing sites. Normal Device Host Subsystem TCP Termination HTTP Proxy SSL Processing Add-on Card Sym/Asymmetric Crypto Host Subsystem Key Mgmt. Secret Keys When a FIPS compliant box is tampered, the SSL keys stored in FIPS hardware-secured module will automatically be destroyed, rendering them useless. FIPS-140 compliant Device TCP Termination HTTP Proxy SSL Processing Symmetric Crypto Key Mgmt. Add-on Card Asymmetric Crypto Secret Keys

20 20 Total Defense Security Architecture Customers DMZ Network Access Application Access 4,000 Users 1,000 Users Employees Internet Internet/ Intranet GeoLocation DNSSec Web App #1 Web App #2 Web App #3 15,000 Corporate Users VPN End Point Security DNS AD/LDAP Datacenter Primary 6,000 Corporate Branch Users Datacenter - Secondary As application become webified, there s a need to address the deficiencies of the HTTP security and introduce new defences (web access management, Web App FW) to product Vulnerable Web applications.

21 21 21 Secure the Banking Applications Australian Bank - Perimeter control with F5/Oracle > Web Application Firewall Protect from malicious internet traffic such as SQL Injection, XSS, Web Scraping, etc IB etrade > User Authentication & Endpoint Security Check (ASM) > Web protocol threat detection > User data input validation iapply other > SSL Acceleration > Application-layer rate-shaping > Local and Global Traffic Management / load balancing > Geo-location redirection > Web Content Delivery Acceleration (WA) > PCI Data Security Standard Compliance

22 Security with Performance

23 23 Accelerate Web Performance China Bank Web Acceleration Province 1 Province 2 BIG-IP WebAccelerator Internet or WAN Province n Beijing Data Center Response time Province 34 Without acceleration With WebAccelerator (asymmetric deployment) Solution Benefits Internal banking service acceleration Infrastructure optimization (seven time more requests per second) User experience improvement (6 (6 times faster page load) Bandwidth savings (10 times higher throughput)

24 Security with Performance and Availability

25 Always On Infrastructure 25

26 26 Internet Banking DC - ICBC ICBC is Largest Bank by Market Capitalization Major Applications: 1. Internet Banking 50 Million Users 42% of total Bank Transactions 40% improvement Web Performance

27 27 Intranet Banking DC- ICBC 2. Corporate IT 100+ F5 boxes optimizing 40 apps: Core Banking Secure Access Green Terminals ATM Front Server Mainframe Front Servers Branch Office optimization 3. F5 account team is working on optimizing the remaining 198 apps

28 28 Sysmex America The F5 solution beat out the competition because it promised more functionality for a comparable price, and we saw it as a strategic investment that would support our growth. Art Braune, Manager of Information Technology Sysmex America Sysmex America develops clinical testing devices for the healthcare industry. To ensure business continuity and seamless communication among customers, partners, and employees, Sysmex must keep systems highly available. The company employed the Application Ready Solution for Microsoft Exchange Server 2010 from F5 Networks and as a result, has surpassed percent uptime. To ensure that the implementation followed best practices, Sysmex s IT department used F5 deployment guidance, jointly developed with Microsoft, and has enjoyed superior support from F5 engineers. The solution provides Sysmex with cost-effective, centralized management and a flexible platform that it will expand to support other key systems. Customer Overview: Sysmex America, based in Mundelein, Illinois, is the United States headquarters of Sysmex Corporation, a Japanese manufacturer of clinical testing devices and solutions for the healthcare industry. Sysmex relies on to communicate with its customers (hospitals, clinics, test centers, and blood centers), suppliers, and key business partners. F5 Local Traffic Manager and F5 Application Ready Solution for Microsoft Exchange Server 2010 Benefits: Zero downtime for percent uptime Ability to perform maintenance without disruption to users High confidence in best practices implementation Cost-effective platform for growth Vertical: Location: Healthcare Mundelein, Illinois Case Study:

29 29 F5 Solution for Migration to IPv6 Internet IPv6 Mobile Smart Devices IPv6 IPv4 Set-Top Box PC/Laptop HSPA/HSDPA GGSN/BRAS Destination IPv6 Destination IPv6 Destination IPv4 Destination IPv4 DNS Log AAA F5 NAT64 F5 NAT44 DNS64 HSL Traffic Steering Firewall SDC Destination IPv6 Destination IPv6 Destination IPv4 Destination IPv4 VAS IPv4 VAS IPv6 Internet IPv4

30 30 F5: A Common & Dynamic Application Services Platform From Enterprise to Cloud Separate Consolidate Aggregate Automate Liberate Test and development Server consolidation Capacity on demand Self-Managing data centres Enterprise computing clouds on and off premise Private Public Enterprise Objective: An IT Services On-Demand Platform

31 31 How can F5 Application Delivery Solution help your BUSINESS? We provide the Best User Experience solution at a competitive cost. How do we provide better user experience? By Making Transactions Safer to use Eliminates fraud, theft and following security breaches By Making Transactions Faster More revenue in a shorter time span without additions By Ensuring your site is never down 24/7 transaction regardless of peak or failure, prevention of site takedown disrupting business All of the above just lead to a better user experience

32 32 F5 s Dynamic Application Services Infrastructure Users Resources APP OS APP OS APP OS APP OS APP OS APP OS APP OS APP OS Private Public Physical Virtual Multi-Site DCs Cloud

33

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal

Architecture: Consolidated Platform. Eddie Augustine Major Accounts Manager: Federal Architecture: Consolidated Platform Eddie Augustine Major Accounts Manager: Federal Current DoD Situation Stovepipes of Technology icontrol Customization irules Solutions Security Access Availability Load

More information

AKAMAI CLOUD SECURITY SOLUTIONS

AKAMAI CLOUD SECURITY SOLUTIONS AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your

More information

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe F5 comprehensive protection against application attacks Jakub Sumpich Territory Manager Eastern Europe j.sumpich@f5.com Evolving Security Threat Landscape cookie tampering Identity Extraction DNS Cache

More information

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Top 6 WAF Essentials to Achieve Application Security Efficacy The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and

More information

SAS and F5 integration at F5 Networks. Updates for Version 11.6

SAS and F5 integration at F5 Networks. Updates for Version 11.6 SAS and F5 integration at F5 Networks Updates for Version 11.6 Managing access based on Identity Employees Partner Customer Administrator IT challenges: Control access based on user-type and role Unify

More information

Web Applications Security. Radovan Gibala F5 Networks

Web Applications Security. Radovan Gibala F5 Networks Applications Security Radovan Gibala F5 Networks How does the current situation look like? Application Trends and Drivers ification of applications Intelligent browsers and applications Increasing regulatory

More information

Comprehensive datacenter protection

Comprehensive datacenter protection Comprehensive datacenter protection There are several key drivers that are influencing the DDoS Protection market: DDoS attacks are increasing in frequency DDoS attacks are increasing in size DoS attack

More information

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING

More information

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications Enabling and Securing Digital Business in Economy Protect s Serving Business Critical Applications 40 percent of the world s web applications will use an interface Most enterprises today rely on customers

More information

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1 CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/

More information

Providing Security and Acceleration for Remote Users

Providing Security and Acceleration for Remote Users F5 White Paper Providing Security and Acceleration for Remote Users Delivering applications to remote users is a significant undertaking. Applications need to be available, and they must be delivered securely

More information

Pulse Secure Application Delivery

Pulse Secure Application Delivery DATA SHEET Pulse Secure Application Delivery HIGHLIGHTS Provides an Application Delivery and Load Balancing solution purposebuilt for high-performance Network Functions Virtualization (NFV) Uniquely customizable,

More information

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE

SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE San Diego March 21, 2013 John Lee Field Systems Engineer Conjecture of relative breach impact is based on publicly

More information

Imperva Incapsula Product Overview

Imperva Incapsula Product Overview Product Overview DA T A SH E E T Application Delivery from the Cloud Whether you re running a small e-commerce business or in charge of IT operations for an enterprise, will improve your website security

More information

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer

KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN. Paul Deakin Federal Field Systems Engineer KEEPING THE BAD GUYS OUT WHILE LETTING THE GOOD GUYS IN Paul Deakin Federal Field Systems Engineer F5 MISSION Deliver the most secure, fast, and reliable applications to anyone anywhere at any time. F5

More information

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway Applying Application Delivery Technology to Web Services Overview The Cisco ACE XML Gateway is the newest

More information

F5 Synthesis Information Session. April, 2014

F5 Synthesis Information Session. April, 2014 F5 Synthesis Information Session April, 2014 Agenda Welcome and Introduction to Customer Technology Challenges Software Defined Application Services Reference Architectures for Today s Customer Challenges

More information

Securing the Cloud. White Paper by Peter Silva

Securing the Cloud. White Paper by Peter Silva Cloud computing has become another key resource for IT deployments, but there is still fear of securing applications and data in the cloud. With F5 devices, you can keep your most precious assets safe,

More information

Sichere Applikations- dienste

Sichere Applikations- dienste Sichere Applikations- dienste Innovate, Expand, Deliver Manny Rivelo Für SaaS und traditionelle Service-Modelle EVP, Strategic Solutions Carsten Langerbein Field Systems Engineer c.langerbein@f5.com Es

More information

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management SOLUTION BRIEF CA API MANAGEMENT Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management 2 SOLUTION BRIEF ENABLE AND PROTECT YOUR WEB APPLICATIONS WITH CA API MANAGEMENT ca.com

More information

DenyAll Protect. accelerating. Web Application & Services Firewalls. your applications. DenyAll Protect

DenyAll Protect. accelerating. Web Application & Services Firewalls. your applications.  DenyAll Protect DenyAll Protect DenyAll Protect Web Application & Services Firewalls Securing Sécuring & accelerating your applications Corporate or ecommerce website, email, collaborative tools, enterprise application

More information

Security Assessment Checklist

Security Assessment Checklist Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment

More information

Providing Secure, Fast and Available

Providing Secure, Fast and Available Providing Secure, Fast and Available SharePoint with F5 BIG-IP John Lee, Federal Systems Engineer Version 3.0 Rate Shaping TCP Express SSL Caching XML Compression OneConnect TCP Express ASM Web Accel 3

More information

Complying with PCI DSS 3.0

Complying with PCI DSS 3.0 New PCI DSS standards are designed to help organizations keep credit card information secure, but can cause expensive implementation challenges. The F5 PCI DSS 3.0 solution allows organizations to protect

More information

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.)

We b Ap p A t ac ks. U ser / Iden tity. P hysi ca l 11% Other (VPN, PoS,infra.) We b Ap p A t ac ks U ser / Iden tity 33% 53% Apps And Identities Initial Targets In 86% Of Breaches P hysi ca l 11% Other (VPN, PoS,infra.) 3% Fix vulnerabilities Stop web attacks Risk & compliance What

More information

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance Solution Brief Citrix SD-WAN for Optimal Office 365 Connectivity and Performance Evolving Needs for WAN Network Architecture Enterprise networks have historically been architected to provide users access

More information

Verizon Software Defined Perimeter (SDP).

Verizon Software Defined Perimeter (SDP). Verizon Software Defined Perimeter (). 1 Introduction. For the past decade, perimeter security was built on a foundation of Firewall, network access control (NAC) and virtual private network (VPN) appliances.

More information

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter

How your network can take on the cloud and win. Think beyond traditional networking toward a secure digital perimeter How your network can take on the cloud and win Think beyond traditional networking toward a secure digital perimeter Contents Introduction... 3 Reduce risk points with secure, contextualized access...

More information

A different approach to Application Security

A different approach to Application Security 雲端時代企業應用的安全與挑戰 A different approach to Application Security Protecting your most critical business assets APPLICATION ACCESS APPLICATION PROTECTION F5 Networks, Inc 2 F5 s Comprehensive Security Solutions

More information

CyberP3i Course Module Series

CyberP3i Course Module Series CyberP3i Course Module Series Spring 2017 Designer: Dr. Lixin Wang, Associate Professor Firewall Configuration Firewall Configuration Learning Objectives 1. Be familiar with firewalls and types of firewalls

More information

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III

BIG-IP V11.3: PRODUCT UPDATE. David Perodin Field Systems Engineer III BIG-IP V11.3: PRODUCT UPDATE David Perodin Field Systems Engineer III Contents V11.3 Product Update 1. BIG-IP v.11.3.0 (Local Traffic Manager & Access Policy Manager) 2. Advanced Firewall Module (AFM)

More information

Copyright 2011 Trend Micro Inc.

Copyright 2011 Trend Micro Inc. Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF

More information

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT? WHAT IS FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT? While firewalls started life simply protecting networks from outside hacks and attacks, the role of the firewall has greatly evolved to take

More information

GOING WHERE NO WAFS HAVE GONE BEFORE

GOING WHERE NO WAFS HAVE GONE BEFORE GOING WHERE NO WAFS HAVE GONE BEFORE Andy Prow Aura Information Security Sam Pickles Senior Systems Engineer, F5 Networks NZ Agenda: WTF is a WAF? View from the Trenches Example Attacks and Mitigation

More information

Check Point Virtual Systems & Identity Awareness

Check Point Virtual Systems & Identity Awareness Check Point Virtual Systems & Identity Awareness Jason Card, Senior Security Consultant, CISSP card@avantec.ch Agenda Check Point Virtual Systems Private Cloud Simplify Security Overview Identity Awareness

More information

Securing Your Most Sensitive Data

Securing Your Most Sensitive Data Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way

More information

Business Strategy Theatre

Business Strategy Theatre Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:

More information

Huawei Cloud Fabric Data Center Security and Application Optimization Solution

Huawei Cloud Fabric Data Center Security and Application Optimization Solution Huawei Cloud Fabric Data Center and Application Highly Secure s and High-Performance, High-Efficiency Networks Emerging new technologies such as cloud computing, Big Data, and virtualization drive data

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

Security for the Cloud Era

Security for the Cloud Era Security for the Cloud Era Make the Most Out of Your Cloud Journey Fadhly Hassim Sales Engineer South East Asia & Korea Barracuda Networks Current Weather Situation Customer Provisions & Manage On-Premises

More information

Security Overview and Cisco ACE Replacement

Security Overview and Cisco ACE Replacement Security Overview and Cisco ACE Replacement March, 2014 Florian Hartmann, Senior Systems Engineer DACH A10 Corporate Introduction Headquarters in San Jose 800+ Employees Offices in 32 countries Customers

More information

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry

SECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below

More information

Cyber Attacks and Application - Motivation, Methods and Mitigation. Alfredo Vistola Solution Architect Security, EMEA

Cyber Attacks and Application - Motivation, Methods and Mitigation. Alfredo Vistola Solution Architect Security, EMEA Cyber Attacks and Application - Motivation, Methods and Mitigation Alfredo Vistola a.vistola@f5.com Solution Architect Security, EMEA Attacks are Moving Up the Stack Network Threats Application Threats

More information

What is an application delivery controller?

What is an application delivery controller? What is an application delivery controller? ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery

More information

The Presence and Future of Web Attacks

The Presence and Future of Web Attacks Agenda The Presence and Future of Web Attacks Marco Fullin, CISSP Warning: This talk will be technical, chaotic and hurt Akamai Today Grow revenue opportunities with fast, personalized web experiences

More information

Simple and Powerful Security for PCI DSS

Simple and Powerful Security for PCI DSS Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them

More information

Data Center Virtualization Q&A

Data Center Virtualization Q&A Data Center Virtualization Q&A Q What's driving the need for data center virtualization? A We know that if business continuity is a key objective of an organization, it means that operations are up and

More information

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0

Author: Tonny Rabjerg Version: Company Presentation WSF 4.0 WSF 4.0 Author: Tonny Rabjerg Version: 20150730 Company Presentation WSF 4.0 WSF 4.0 Cybercrime is a growth industry. The returns are great, and the risks are low. We estimate that the likely annual cost to the

More information

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE

Enterprise Overview. Benefits and features of Cloudflare s Enterprise plan FLARE Enterprise Overview Benefits and features of s Enterprise plan 1 888 99 FLARE enterprise@cloudflare.com www.cloudflare.com This paper summarizes the benefits and features of s Enterprise plan. State of

More information

Security

Security Security +617 3222 2555 info@citec.com.au Security With enhanced intruder technologies, increasingly sophisticated attacks and advancing threats, your data has never been more susceptible to breaches from

More information

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets Threat Control and Containment in Intelligent Networks Philippe Roggeband - proggeba@cisco.com Product Manager, Security, Emerging Markets 1 Agenda Threat Control and Containment Trends in motivation The

More information

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 SECURING THE NEXT GENERATION DATA CENTER Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 JUNIPER SECURITY LEADERSHIP Market Leadership Data Center with High-End

More information

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based

More information

Corrigendum 3. Tender Number: 10/ dated

Corrigendum 3. Tender Number: 10/ dated (A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial

More information

Defend Your Web Applications Against the OWASP Top 10 Security Risks. Speaker Name, Job Title

Defend Your Web Applications Against the OWASP Top 10 Security Risks. Speaker Name, Job Title Defend Your Web Applications Against the OWASP Top 10 Security Risks Speaker Name, Job Title Application Security Is Business Continuity Maintain and grow revenue Identify industry threats Protect assets

More information

PCI DSS Compliance. White Paper Parallels Remote Application Server

PCI DSS Compliance. White Paper Parallels Remote Application Server PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3

More information

86% of websites has at least 1 vulnerability and an average of 56 per website WhiteHat Security Statistics Report 2013

86% of websites has at least 1 vulnerability and an average of 56 per website WhiteHat Security Statistics Report 2013 Vulnerabilities help make Web application attacks amongst the leading causes of data breaches +7 Million Exploitable Vulnerabilities challenge organizations today 86% of websites has at least 1 vulnerability

More information

PROTECTING INFORMATION ASSETS NETWORK SECURITY

PROTECTING INFORMATION ASSETS NETWORK SECURITY PROTECTING INFORMATION ASSETS NETWORK SECURITY PAUL SMITH 20 years of IT experience (desktop, servers, networks, firewalls.) 17 years of engineering in enterprise scaled networks 10+ years in Network Security

More information

F5 IPv6 Solutions. Ariel Santa Cruz FSE SoLA F5 Networks Inc. F5 Networks, Inc.

F5 IPv6 Solutions. Ariel Santa Cruz FSE SoLA F5 Networks Inc. F5 Networks, Inc. 1 F5 IPv6 Solutions Ariel Santa Cruz FSE SoLA F5 Networks Inc. a.santacruz@f5.com 2 Agenda End of IPv4 Common Customer Use Cases Ease the IPv6 Evolution Deliver Apps. to all clients Internal Access to

More information

Herding Cats. Carl Brothers, F5 Field Systems Engineer

Herding Cats. Carl Brothers, F5 Field Systems Engineer Herding Cats Carl Brothers, F5 Field Systems Engineer Agenda Introductions Security is easy, right Trivia Protecting your apps, one layer at a time How to survive an Attack Time permitting F5 Networks,

More information

ADC im Cloud - Zeitalter

ADC im Cloud - Zeitalter ADC im Cloud - Zeitalter Applikationsdienste für Hybrid-Cloud- und Microservice-Szenarien Ralf Sydekum, SE Manager DACH, F5 Networks GmbH Some of the Public Cloud Related Questions You May Have.. It s

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Evaluation Criteria for Web Application Firewalls

Evaluation Criteria for Web Application Firewalls Evaluation Criteria for Web Application Firewalls Ivan Ristić VP Security Research Breach Security 1/31 Introduction Breach Security Global headquarters in Carlsbad, California Web application security

More information

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION

More information

Introduction. The Safe-T Solution

Introduction. The Safe-T Solution Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,

More information

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN Perimeter Defenses Enterprises need to take their security strategy beyond stacking up layers of perimeter defenses to building up predictive

More information

Enhancing Security With SQL Server How to balance the risks and rewards of using big data

Enhancing Security With SQL Server How to balance the risks and rewards of using big data Enhancing Security With SQL Server 2016 How to balance the risks and rewards of using big data Data s security demands and business opportunities With big data comes both great reward and risk. Every company

More information

A Practical Approach to IPv6

A Practical Approach to IPv6 A Practical Approach to IPv6 Vietnam IPv6 Day Boonchareon Chong Global Solution Architect - Service Provider Boon@f5.com The move to IPv6 The Data Tsunami in Service Providers and Enterprises IP Everything

More information

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today. Cato Cloud Global SD-WAN with Built-in Network Security Solution Brief 1 Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The rise of cloud applications and mobile workforces

More information

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights IBM Secure Proxy Advanced edge security for your multienterprise data exchanges Highlights Enables trusted businessto-business transactions and data exchange Protects your brand reputation by reducing

More information

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN Avaya-FatPipe Solution Overview Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN The Avaya SDN-Fx and FatPipe Networks solution provides a fabric-based SDN architecture for simplicity

More information

Brocade Application Delivery

Brocade Application Delivery DATA SHEET Brocade Application Delivery Highlights Provides an Application Delivery and Load Balancing solution purposebuilt for high-performance Network Functions Virtualization (NFV) Uniquely customizable,

More information

Identiteettien hallinta ja sovellusturvallisuus. Timo Lohenoja, CISPP Systems Engineer, F5 Networks

Identiteettien hallinta ja sovellusturvallisuus. Timo Lohenoja, CISPP Systems Engineer, F5 Networks Identiteettien hallinta ja sovellusturvallisuus Timo Lohenoja, CISPP Systems Engineer, F5 Networks timo@f5.com Cybersecurity Is Business Continuity Maintain and grow revenue Identify industry threats Protect

More information

The F5 Intelligent DNS Scale Reference Architecture

The F5 Intelligent DNS Scale Reference Architecture The F5 Intelligent DNS Scale Reference Architecture End-to-end DNS delivery solutions from F5 maximize the use of organizational resources, while remaining agile and intelligent enough to scale and support

More information

Hybride Cloud Szenarien HHochverfügbar mit KEMP Loadbalancern. Köln am 10.Oktober 2017

Hybride Cloud Szenarien HHochverfügbar mit KEMP Loadbalancern. Köln am 10.Oktober 2017 Hybride Cloud Szenarien HHochverfügbar mit KEMP Loadbalancern Köln am 10.Oktober 2017 Manfred Pfeifer PreSales Consultant DACH & EE @ KEMP Technologies Email: mpfeifer@kemptechnologies.com Office: +49

More information

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )

Application Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) Application Note Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) This document describes how to configure McAfee Firewall Enterprise to provide

More information

Copyright

Copyright 1 Security Test EXTRA Workshop : ANSWER THESE QUESTIONS 1. What do you consider to be the biggest security issues with mobile phones? 2. How seriously are consumers and companies taking these threats?

More information

Citrix NetScaler AppFirewall and Web App Security Service

Citrix NetScaler AppFirewall and Web App Security Service Data Sheet Citrix NetScaler AppFirewall and Web App Security Service Citrix NetScaler AppFirewall TM is a comprehensive full function ICSA, Common Criteria, FIPS-certified web application firewall that

More information

Large FSI DDoS Protection Reference Architecture

Large FSI DDoS Protection Reference Architecture Large FSI DDoS Protection Reference Architecture Customers ISPa Tier 1: Protecting L3-4 and DNS Network Firewall Services + Simple Load Balancing to Tier 2 Tier 2: Protecting L7 Web Application Firewall

More information

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW: SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,

More information

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no LHC3296BUS OVH: Shields Up! Building a True Security Barrier in the Cloud Chris Romano, Principal Systems Engineer #VMworld #LHC3296BUS VMworld disclaimer This presentation may contain product features

More information

F5 Networks Defence Methodiken auf Transportund Applikationsebene. Specialist SE - Security

F5 Networks Defence Methodiken auf Transportund Applikationsebene. Specialist SE - Security F5 Networks Defence Methodiken auf Transportund Applikationsebene Stephan Schulz Specialist SE - Security s.schulz@f5.com F5 Company Snapshot Founded: 1996 ADC Market Share Headquarters: Seattle, Wa Operations

More information

Citrix CloudBridge Product Overview

Citrix CloudBridge Product Overview Product Overview Product Overview Businesses rely on branch offices to serve customers, to be near partners and suppliers and to expand into new markets. As server and desktop virtualization increase and

More information

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM

WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM SECURITY ANALYTICS WEBSCALE CONVERGED APPLICATION DELIVERY PLATFORM BLAZING PERFORMANCE, HIGH AVAILABILITY AND ROBUST SECURITY FOR YOUR CRITICAL WEB APPLICATIONS OVERVIEW Webscale is a converged multi-cloud

More information

Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution

Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution Integrated Web Application Firewall & Distributed Denial of Service (DDoS) Mitigation Solution (Layer 3/4 and Layer 7) Delivering best-in-class network and web application security to the modern enterprise

More information

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter

More information

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Presenting the ware NSX ECO System May 2015 Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Agenda 10:15-11:00 ware NSX, the Network Virtualization Platform 11.15-12.00 Palo Alto

More information

Never Drop a Call With TecInfo SIP Proxy White Paper

Never Drop a Call With TecInfo SIP Proxy White Paper Innovative Solutions. Trusted Performance. Intelligently Engineered. Never Drop a Call With TecInfo SIP Proxy White Paper TecInfo SD-WAN product - PowerLink - enables real time traffic like VoIP, video

More information

Virtual Dispersive Networking Spread Spectrum IP

Virtual Dispersive Networking Spread Spectrum IP Virtual Dispersive Networking Spread Spectrum IP DSI Proprietary 1 DSI Proprietary 2 Problem Lies Outside of Existing Security: On the Internet Internet Routers Virus Software Phishing Software etc POLICY

More information

Optimizing your network for the cloud-first world

Optimizing your network for the cloud-first world Optimizing your network for the cloud-first world Why performing cloud and network modernization together assures seamless, reliable user app delivery. Citrix.com ebook Align Cloud Strategy to Business

More information

Advanced threats. "Software defined" everything. Internet of Things. SDDC/Cloud. HTTP is the new TCP. Mobile. F5 Networks, Inc 2

Advanced threats. Software defined everything. Internet of Things. SDDC/Cloud. HTTP is the new TCP. Mobile. F5 Networks, Inc 2 F5 Software Defined Application Services F5 Synthesis Fred Wu Technical Director of F5 Networks China Advanced threats "Software defined" everything SDDC/Cloud Internet of Things Mobile HTTP is the new

More information

The New Net, Edge Computing, and Services. Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare May 2018

The New Net, Edge Computing, and Services. Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare May 2018 The New Net, Edge Computing, and Services Michael R. Nelson, Ph.D. Tech Strategy, Cloudflare MNELSON@CLOUDFLARE.COM or @MikeNelson May 2018 We are helping build a better Internet Cloudflare is an Edge

More information

Cloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers

Cloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers Cloud Connect Gain highly secure, performance-optimized access to third-party public and private cloud providers of the workload to run in the cloud by 2018 1 60 % Today s enterprise WAN environments demand

More information

DATACENTER SECURITY. Paul Deakin System Engineer, F5 Networks

DATACENTER SECURITY. Paul Deakin System Engineer, F5 Networks DATACENTER SECURITY Paul Deakin System Engineer, F5 Networks Datacenter Security Needs To scale To secure To simplify Scale for a work-anywhere / SSL everywhere world. Security for applications and data

More information

SoftLayer Security and Compliance:

SoftLayer Security and Compliance: SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers

More information

Seamless Cloud Connectivity. for your business

Seamless Cloud Connectivity. for your business Seamless Cloud Connectivity for your business Enterprises are transforming the way they look at IT and resources, moving more business-critical applications and computing platforms to the cloud. As this

More information

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network Always Remember Chapter #1: Network Device Configuration There is no 100 percent secure system, and there is nothing that is foolproof! 2 Outline Learn about the Security+ exam Learn basic terminology

More information

Cato Networks. Network Security as a Service

Cato Networks. Network Security as a Service Cato s Security as a Service SHLOMO KRAMER, CEO Founder: Check Point (CHKP), Imperva (IMPV) Investor: Palo Alto s (PANW), Trusteer, GUR SHATZ, CTO VP R&D, PM: Imperva (IMPV) Founder: Incapsula (Imperva

More information

ISG-600 Cloud Gateway

ISG-600 Cloud Gateway ISG-600 Cloud Gateway Cumilon ISG Integrated Security Gateway Integrated Security Gateway Cumilon ISG-600C cloud gateway is the security product developed by Systrome for the distributed access network

More information

PrecisionAccess Trusted Access Control

PrecisionAccess Trusted Access Control Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised

More information