
Web Application Firewalls: Panel Discussion



Presentation on theme: "Web Application Firewalls: Panel Discussion"— Presentation transcript:

1 Web Application Firewalls: Panel Discussion
Sebastien Deleersnyder CISSP Feb, 2006

2 Agenda Panel Introduction WAF Primer Panel Discussion

3 Agenda Panel Introduction WAF Primer Panel Discussion

4 Panel Introduction
Philippe Bogaerts, BeeWare
Jaak Cuppens, F5 Networks
Tim Groenwals, Agfa Gevaert
Lieven Desmet, K.U.Leuven
David Van der Linden, ING
Present yourself shortly + how do you or your organisation use the Top 10?

5 Agenda Introduction WAF Primer Panel Discussion

6 Network Firewalls Do Not Work
[Diagram: Web Client, Web Server, Application, Database Server; HTTP(S) traffic on port 80 (443)]

7 Enter Web Application Firewall Era
HW/SW that mitigates web application vulnerabilities: Unvalidated Input, Parameter tampering, Injection Flaws

8 Web Application Firewalls
They understand HTTP/HTML very well. They work after traffic is decrypted, or can otherwise terminate SSL. Prevention is possible.

9 Topologies
Network-based: protects any web server; works with many servers at once.
Web server-based: closer to the application; limited by the web server API.

10 WAF functionality
Rule-based: uses rules to look for known vulnerabilities, or rules to look for classes of attack; relies on rule databases.
Anomaly-based: attempts to figure out what normal operation means.

11 WAF Protection Strategies
Negative security model: deny what might be dangerous. Do you always know what is dangerous?
Positive security model: allow what is known to be safe.
Positive security model is better.
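The three approaches from slides 10 and 11 (a rule-based negative model, a positive model built from an application profile, and an anomaly model that learns "normal" from clean traffic) side by side, as an added example that is not part of the slides or of any product listed in the deck. The signature set, the application profile and all sample requests are constructed for illustration; the point to take from running it is that the negative model passes an unexpected `debug` parameter because no rule describes it, while the positive model rejects it, and that the anomaly model's verdicts are only as good as its training traffic.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

Params = Dict[str, str]
Verdict = Tuple[bool, str]  # (allowed?, reason)

# --- Rule-based, negative security model: deny what is known to be dangerous ---
# Hypothetical signature set (a real rule database is far larger).
NEGATIVE_RULES = [
    ("sql-union", re.compile(r"(?i)\bunion\b.*\bselect\b")),
    ("sql-tautology", re.compile(r"(?i)'\s*or\s*'?\d*'?\s*=")),
    ("script-tag", re.compile(r"(?i)<\s*script")),
]


def negative_model(path: str, params: Params) -> Verdict:
    """Allow the request unless some parameter value matches a known-bad signature."""
    for name, value in params.items():
        for rule_id, pattern in NEGATIVE_RULES:
            if pattern.search(value):
                return False, f"{rule_id} matched parameter {name!r}"
    return True, "no signature matched"


# --- Positive security model: allow only what is known to be safe ---
# Hypothetical application profile: per path, the permitted parameters and
# the exact shape each value must have. Anything else is denied.
POSITIVE_PROFILE: Dict[str, Dict[str, "re.Pattern[str]"]] = {
    "/order": {"id": re.compile(r"[0-9]{1,10}")},
    "/search": {"q": re.compile(r"[A-Za-z0-9 ]{1,64}"), "page": re.compile(r"[0-9]{1,3}")},
}


def positive_model(path: str, params: Params) -> Verdict:
    """Deny unknown paths, unknown parameters and values outside their allowed shape."""
    allowed = POSITIVE_PROFILE.get(path)
    if allowed is None:
        return False, f"path {path!r} not in profile"
    for name, value in params.items():
        pattern = allowed.get(name)
        if pattern is None:
            return False, f"unexpected parameter {name!r}"
        if not pattern.fullmatch(value):
            return False, f"parameter {name!r} does not match its allowed shape"
    return True, "request conforms to profile"


# --- Anomaly-based: learn what normal operation means, then flag deviations ---
@dataclass
class ParamStats:
    max_len: int = 0
    charset: set = field(default_factory=set)


class AnomalyProfile:
    """Per (path, parameter), records the longest value and the characters seen in
    clean traffic; later values that exceed the length bound (with some slack) or
    use characters never seen during learning are flagged."""

    def __init__(self, slack: float = 1.5):
        self.slack = slack
        self.stats: Dict[Tuple[str, str], ParamStats] = {}

    def learn(self, requests: List[Tuple[str, Params]]) -> None:
        for path, params in requests:
            for name, value in params.items():
                st = self.stats.setdefault((path, name), ParamStats())
                st.max_len = max(st.max_len, len(value))
                st.charset.update(value)

    def check(self, path: str, params: Params) -> Verdict:
        for name, value in params.items():
            st = self.stats.get((path, name))
            if st is None:
                return False, f"parameter {name!r} never seen on {path!r}"
            if len(value) > st.max_len * self.slack:
                return False, f"parameter {name!r} longer than learned bound"
            novel = set(value) - st.charset
            if novel:
                return False, f"parameter {name!r} uses unseen characters {sorted(novel)}"
        return True, "within learned profile"


# Constructed clean traffic used to train the anomaly model.
TRAINING_TRAFFIC: List[Tuple[str, Params]] = [
    ("/order", {"id": "1042"}),
    ("/order", {"id": "77"}),
    ("/order", {"id": "98765"}),
]

# Constructed requests to evaluate: benign, a textbook tautology, an unexpected
# parameter no signature knows about, and a benign id with a digit unseen in training.
TEST_REQUESTS: List[Tuple[str, Params]] = [
    ("/order", {"id": "1042"}),
    ("/order", {"id": "1042' OR '1'='1"}),
    ("/order", {"id": "1042", "debug": "true"}),
    ("/order", {"id": "3"}),
]


def evaluate(profile: AnomalyProfile, requests: List[Tuple[str, Params]]) -> List[dict]:
    """Run every request through all three strategies and collect the allow/deny bits."""
    return [
        {
            "request": (path, params),
            "negative": negative_model(path, params)[0],
            "positive": positive_model(path, params)[0],
            "anomaly": profile.check(path, params)[0],
        }
        for path, params in requests
    ]


if __name__ == "__main__":
    prof = AnomalyProfile()
    prof.learn(TRAINING_TRAFFIC)
    for row in evaluate(prof, TEST_REQUESTS):
        print(row)
```

The last request shows the cost side of the anomaly approach: `id=3` is perfectly legitimate, but the digit 3 never appeared in the three training requests, so the model flags it. Tuning that false-positive rate against the training window is most of the operational work behind "what normal operation means".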

12 Vendors
MOD-Security
Beeware IntelliWall
Citrix NetScaler Application Firewall (Teros)
DenyAll rWeb
F5 TrafficShield (Magnifire)
Imperva SecureSphere
Netcontinuum
Breach BreachGate WebDefend
eEye SecureIIS
Microsoft URLScan
WAF? CheckPoint Application Intelligence? MS ISA Server?
Dead: Kavado InterDo, Watchfire AppShield (Sanctum), Ubizen DMZShield

13 Agenda Introduction WAF Primer Panel Discussion

14 How mature are WAFs? What are the 5 phases of a Hype Cycle?
1. "Technology Trigger": The first phase of a Hype Cycle is the "technology trigger" or breakthrough, product launch or other event that generates significant press and interest.
2. "Peak of Inflated Expectations": In the next phase, a frenzy of publicity typically generates over-enthusiasm and unrealistic expectations. There may be some successful applications of a technology, but there are typically more failures.
3. "Trough of Disillusionment": Technologies enter the "trough of disillusionment" because they fail to meet expectations and quickly become unfashionable. Consequently, the press usually abandons the topic and the technology.
4. "Slope of Enlightenment": Although the press may have stopped covering the technology, some businesses continue through the "slope of enlightenment" and experiment to understand the benefits and practical application of the technology.
5. "Plateau of Productivity": A technology reaches the "plateau of productivity" as the benefits of it become widely demonstrated and accepted. The technology becomes increasingly stable and evolves in second and third generations. The final height of the plateau varies according to whether the technology is broadly applicable or benefits only a niche market.

15 Panel Discussion
What do WAFs protect you from? What not?
Where do you position WAFs in your architecture?
What WAF functionality do you really need?
How to reduce TCO?
Who administrates a WAF within the organisation?
