WAFs in the Cloud: A new direction for WAFs? Ofer Shezaf, January 2010.


What is a WAF?

The two faces of information security:
Attack Detection: Anti-Virus, Anti-Malware, IDS/IPS
Policy Enforcement: Firewall, NAC, Scanners

Which one is a WAF?
It’s a firewall, isn’t it? So it must be a policy enforcer.
But it does signatures, so it is probably an attack detector.

Depends

The XIOM Definition
–Intimate understanding of HTTP
–A positive security model
–Application layer rules
–Session based protection
–Fine grained policy management
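An added example, not part of the original slides: the same requests judged by signature matching (attack detection) and by a positive security model (policy enforcement), to show why signatures alone fall short of the definition above. The signature set, policy table, URLs and sample requests are all constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Attack detection (negative model): a constructed, deliberately tiny signature set.
SIGNATURES = [re.compile(p, re.I) for p in (r"<script\b", r"\bunion\b.+\bselect\b", r"\.\./")]

# Policy enforcement (positive model): hypothetical per-URL policy naming the
# only methods, parameters and value formats the application accepts.
POLICY = {
    "/account/view": {"methods": {"GET"}, "params": {"id": re.compile(r"\d{1,9}")}},
    "/search": {"methods": {"GET"}, "params": {"q": re.compile(r"[\w \-]{1,64}")}},
}

def signature_verdict(method, path, query):
    """Block only when a known-bad pattern appears in the path or query."""
    for sig in SIGNATURES:
        if sig.search(path) or sig.search(query):
            return "block: signature " + sig.pattern
    return "allow"

def policy_verdict(method, path, query):
    """Block anything the policy does not explicitly describe."""
    rule = POLICY.get(path)
    if rule is None:
        return "block: unknown URL"
    if method not in rule["methods"]:
        return "block: method not allowed"
    for name, value in parse_qsl(query, keep_blank_values=True):
        pattern = rule["params"].get(name)
        if pattern is None:
            return "block: unexpected parameter " + name
        if not pattern.fullmatch(value):
            return "block: bad value for " + name
    return "allow"

# Constructed sample requests: (method, path, query string).
SAMPLES = [
    ("GET", "/account/view", "id=1042"),
    ("GET", "/account/view", "id=1042&debug=true"),
    ("POST", "/account/view", "id=1042"),
    ("GET", "/search", "q=<script>alert(1)</script>"),
    ("GET", "/admin/export", ""),
]

def compare(samples=SAMPLES):
    return [(signature_verdict(*s), policy_verdict(*s)) for s in samples]

if __name__ == "__main__":
    print(*zip(SAMPLES, compare()), sep="\n")
```

Three of the five requests match no signature yet fall outside what the application accepts, so only the policy layer stops them.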

What is a cloud?

This is a cloud

More Seriously
SaaS: SalesForce
PaaS: Shared Hosting
IaaS: Amazon EC2

What Role Can a WAF Play in the Cloud?

The Menu
Enterprise Security Gateway
WAF as a service
–For protecting a data center
–For protecting SaaS
WAF for a cloud deployment
–Host Based
–Infrastructure Based
WAF stubs
–For a data center
–For a cloud deployment

Enterprise Security Gateway

Enterprise Security Gateway
Protect in-the-cloud services through a unified security gateway.
Pros:
–Unified access control
–Security for 3rd party code
Cons:
–Double bandwidth
–Hard to create positive security rules

WAF as a Service
–For SaaS
–For a Data Center

WAF as a service
Use an in-the-cloud WAF to protect an enterprise data center.
Pros:
–Very easy deployment
–Fast signature updates
–Might be the only solution for a SaaS
Cons:
–Double bandwidth
–Preventing direct access

WAF as a service - Akamai
–Applies ModSecurity Core Rules to HTTP traffic
–Uses Akamai internal HTTP processing technology
–Signatures only, hardly a WAF

WAF for Cloud Environment

WAF for Cloud Environment
Use an in-the-cloud WAF to protect an enterprise data center.
Pros:
–No bandwidth overhead
Cons:
–Might be harder to deploy

Host based WAF

Host based WAF
The most mature approach to WAF in the cloud.
ModSecurity, SecureIIS, Applicure, PHPIDS…
However, often no more than a host-based IPS.

WAF stubs

WAF Stubs
Host based stub and a remote brain.
Different separation levels:
–Remote monitoring & configuration
–Remote learning
–Remote enforcement
–In-between

WAF Stubs
Art of Defence stub for AWS
Breach Global Event Manager
–Monitoring Only

Thank You!