Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Published byCharla McKenzie Modified over 9 years ago

Similar presentations

Presentation on theme: "Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation."— Presentation transcript:

1 Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License. The OWASP Foundation OWASP http://www.owasp.org Web Application Firewalls: Panel Discussion Sebastien Deleersnyder CISSP Feb, 2006 sdl@ascure.com

2 OWASP 2 Agenda  Panel Introduction  WAF Primer  Panel Discussion

3 OWASP 3 Agenda  Panel Introduction  WAF Primer  Panel Discussion

4 OWASP 4 Panel Introduction  Philippe Bogaerts, BeeWare  Jaak Cuppens, F5 Networks  Tim Groenwals, Agfa Gevaert  Lieven Desmet, K.U.Leuven  David Van der Linden, ING

5 OWASP 5 Agenda  Introduction  WAF Primer  Panel Discussion

6 OWASP 6 Network Firewalls Do Not Work Firewall Port 80 (443) HTTP(S) Traffic Web Client Web Server Application Database Server

7 OWASP 7 Enter Web Application Firewall Era  HW/SW that mitigates web application vulnerabilities:  Invalidated Input  Parameter tampering  Injection Flaws  …

8 OWASP 8 Web Application Firewalls  They understand HTTP/HTML very well  They work after traffic is decrypted, or can otherwise terminate SSL  Prevention is possible

9 OWASP 9 Topologies  Network-based:  Protects any web server  Works with many servers at once  Web server-based:  Closer to the application  Limited by the web server API

10 OWASP 10 WAF functionality  Rule-based:  Uses rules to look for known vulnerabilities  Or rules to look for classes of attack  Rely on rule databases  Anomaly-based:  Attempts to figure out what normal operation means

11 OWASP 11 WAF Protection Strategies  Negative security model:  Deny what might be dangerous.  Do you always know what is dangerous?  Positive security model:  Allow what is known to be safe.  Positive security model is better.

12 OWASP 12 Vendors  MOD-Security  Beeware IntelliWall  Citrix NetScaler Application Firewall (Teros)  DenyAll rWeb  F5 TrafficShield (Magnifire)  Imperva SecureSphere  Netcontinuum  Breach BreachGate WebDefend  …  eEye SecureIIS  Microsoft URLScan WAF?  CheckPoint Application Intelligence?  MS ISA Server? Dead:  Kavado InterDo  Watchfire AppShield (Sanctum)  Ubizen DMZShield

13 OWASP 13 Agenda  Introduction  WAF Primer  Panel Discussion

14 OWASP 14 How mature are WAFs?

15 OWASP 15 Panel Discussion  What do WAFs protect you from? What not?  Where do you position WAFs in your architecture?  What WAF functionality do you really need?  How to reduce TCO?  Who administrates a WAF within the organisation?

Download ppt "Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation."

Similar presentations

The following 10 questions test your knowledge of Internet-based client management in Configuration Manager 2007. Configuration Manager 2007 Internet-Based.

The following 10 questions test your knowledge of Internet-based client management in Configuration Manager Configuration Manager 2007 Internet-Based.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © 2006 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
© 2011 - S.Gioria OWASP Training Paris – France 26 Avril 2011 Copyright © 2009 - The OWASP Foundation Permission is granted to copy, distribute and/or.

© S.Gioria OWASP Training Paris – France 26 Avril 2011 Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or.
Copyright © 2005 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Mod Security (Is it worth it?) By Rich Helton. Abstract (see my paper for sources)  Based on statistics, Apache is the most used web server being used.

Mod Security (Is it worth it?) By Rich Helton. Abstract (see my paper for sources)  Based on statistics, Apache is the most used web server being used.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Security Scanning OWASP Education Nishi Kumar Computer based training

Security Scanning OWASP Education Nishi Kumar Computer based training
Copyright © 2004 - The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright 2007 © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Similar presentations

Ads by Google