web application firewalls panel discussion
Download
Skip this Video
Download Presentation
Web Application Firewalls: Panel Discussion

Loading in 2 Seconds...

play fullscreen
1 / 15

Web Application Firewalls: Panel Discussion - PowerPoint PPT Presentation


  • 181 Views
  • Uploaded on

Web Application Firewalls: Panel Discussion. Sebastien Deleersnyder CISSP Feb, 2006 [email protected] Agenda. Panel Introduction WAF Primer Panel Discussion. Agenda. Panel Introduction WAF Primer Panel Discussion. Panel Introduction. Philippe Bogaerts, BeeWare

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Web Application Firewalls: Panel Discussion' - ginny


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
agenda
Agenda
  • Panel Introduction
  • WAF Primer
  • Panel Discussion
agenda1
Agenda
  • Panel Introduction
  • WAF Primer
  • Panel Discussion
panel introduction
Panel Introduction
  • Philippe Bogaerts, BeeWare
  • Jaak Cuppens, F5 Networks
  • Tim Groenwals, Agfa Gevaert
  • Lieven Desmet, K.U.Leuven
  • David Van der Linden, ING
agenda2
Agenda
  • Introduction
  • WAF Primer
  • Panel Discussion
network firewalls do not work
Network Firewalls Do Not Work

Firewall

Application

DatabaseServer

WebClient

WebServer

Application

HTTP(S) Traffic

Port 80 (443)

enter web application firewall era
Enter Web Application Firewall Era
  • HW/SW that mitigates web application vulnerabilities:
    • Invalidated Input
    • Parameter tampering
    • Injection Flaws
web application firewalls
Web Application Firewalls
  • They understand HTTP/HTML very well
  • They work after traffic is decrypted, or can otherwise terminate SSL
  • Prevention is possible
topologies
Topologies
  • Network-based:
    • Protects any web server
    • Works with many servers at once
  • Web server-based:
    • Closer to the application
    • Limited by the web server API
waf functionality
WAF functionality
  • Rule-based:
    • Uses rules to look for known vulnerabilities
    • Or rules to look for classes of attack
    • Rely on rule databases
  • Anomaly-based:
    • Attempts to figure out what normal operation means
waf protection strategies
WAF Protection Strategies
  • Negative security model:
    • Deny what might be dangerous.
    • Do you always know what is dangerous?
  • Positive security model:
    • Allow what is known to be safe.
    • Positive security model is better.
vendors
MOD-Security

Beeware IntelliWall

Citrix NetScaler Application Firewall (Teros)

DenyAll rWeb

F5 TrafficShield (Magnifire)

Imperva SecureSphere

Netcontinuum

Breach BreachGate WebDefend

eEye SecureIIS

Microsoft URLScan

WAF?

CheckPoint Application Intelligence?

MS ISA Server?

Dead:

Kavado InterDo

Watchfire AppShield (Sanctum)

Ubizen DMZShield

Vendors
agenda3
Agenda
  • Introduction
  • WAF Primer
  • Panel Discussion
panel discussion
Panel Discussion
  • What do WAFs protect you from? What not?
  • Where do you position WAFs in your architecture?
  • What WAF functionality do you really need?
  • How to reduce TCO?
  • Who administrates a WAF within the organisation?
ad