SECURE YOUR APPLICATIONS, SIMPLIFY AUTHENTICATION AND CONSOLIDATE YOUR INFRASTRUCTURE San Diego March 21, 2013 John Lee Field Systems Engineer
Conjecture of relative breach impact is based on publicly disclosed information regarding leaked records and financial losses 2011 Sampling of Security Incidents by attack type, time and impact Size of circle estimates relative impact of breach in terms of cost to business Attack type Fox News X-Factor Nortrop Grunman Bethesda Software IMF Italy PM Site PCS Consulting Epson Korea Norway MSN Finnish Government Sites 178.com Hemmelig.com Italian Ministry Duowan SQL injection URL tampering Epsilon Citigroup Spanish Nat Police Sega Diginotar Mitsubishi Heavy Industries Valve Steam Trion CSDN Spear phishing Third-party software DDoS HB Gary Sony PBS Gmail Accounts PBS SOCA Booz Allen Hamilton Vanguard Defense TGKK Nexon 7K7K.com SecureID Trojan software Unknown RSA L3 Communications Sony BMG Greece Lockheed Martin Nintendo Malaysian Gov Site Peru Special Police Turkish Government AZ Police US Senate Brazil Gov NATO Monsanto SK Communications Korea Hong Kong Stock Exchange US Law Enforcement NetNames DNS Service NetNames DNS Service Sony Adidas United Nations Israeli and Palestinian Sites Stratfor Tian.ya Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Figure 1: 2011 Sampling of Security Incidents by Attack Type, Time and Impact
Maintaining Security Is Challenging Webification of apps 71% of internet experts predict most people will do work via web or mobile by 2020. Device proliferation 95% of workers use at least one personal device for work. 130 million enterprises will use mobile apps by 2014 Evolving security threats 58% of all e-theft tied to activist groups. 81% of breaches involved hacking Shifting perimeter 80% of new apps will target the cloud. 72% IT leaders have or will move applications to the cloud.
Who Is Responsible for Security? Clients Infrastructure s Storage Network Engineering services Developers DBA
Who Is Responsible for Security? Clients Infrastructure s Storage Engineering services Developers DBA Network security
Security at the Critical Point in the Network Physical Virtual Storage Clients Total Delivery Networking Remote Services SSL APP access VPN firewall Cloud
What Is ASM? Allows the security team to secure a website without changing the application code Provides comprehensive protection for all web application vulnerabilities, including (D)DoS Logs and reports all application traffic, attacks and usernames Educates admin on attack type definitions and examples PCI compliance
Full Proxy Security Client / Server Client / Server Web application health monitoring and performance anomaly detection Web application HTTP proxy, HTTP DDoS and application security Session SSL inspection and SSL DDoS mitigation Session Network L4 Firewall: Full stateful policy enforcement and TCP DDoS mitigation Network Physical Physical
IPv4/IPv6 TCP HTTP SSL HTTP SSL OneConnect TCP Firewall APM Full Proxy Security F5 s Approach Client / Server Optional modules plug in for all F5 products and solutions Client / Server Web application health monitoring and performance anomaly detection Traffic management microkernel Web application Session Proxy HTTP proxy, HTTP DDoS and application security Client side Server side SSL inspection and SSL DDoS mitigation Session Network Physical L4 Firewall: Full stateful policy enforcement and TCP DDoS mitigation irules High-performance HW icontrol API Network Physical TMOS traffic plug-ins High-performance networking microkernel Powerful application protocol support icontrol External monitoring and control irules Network programming language
Firewall Technologies A long time ago and then present day and now with F5! Firewalls started out as proxies to maximize security Stateless filters accelerated firewalls, but weakened security Stateful and next-gen firewalls added security with deep inspection, but still fall short of proxies F5 brings full proxy back to firewalls: highest security matched by a high-scale and highperformance architecture
Protecting the Full Footprint Mobile user access management & security Enterprise headquarters delivery firewall Enterprise data center Mobile user access Partners, suppliers Internet data center Hacker Enterprise remote office Data center/ private cloud Customer
Four Solutions A summary Securing access to applications from anywhere Protecting your applications regardless of where they live Mobile user access Accelerated remote access solution residing at the edge of the network, that brings together SSL VPN, end-point inspection, strong authentication, app acceleration and availability services. security Leading web application firewall and attack protection to reduce the risk to IP and data, while keeping applications secure, fast and available. access management Flexible, high-performance web access and security solution, that provides context-aware, policy-based access to users while simplifying authentication, authorization and accounting (AAA) management. delivery firewall A native, high performance firewall solution that protects the entire infrastructure with full application visibility and control, while scaling to perform under the most demanding conditions.