WAF: Web Application Firewall


Identification & Protection Against Threats



> Web Facing MS Exchange

> Database Injection Attacks

> Websites and E-commerce

> Automated web attacks from botnets and other malicious sources (malicious robots, crawlers, scanners and search engines)

> OWASP Top 10 Web Application Vulnerabilities

> XML Protection

> Protect Oracle Databases

> Cloud Data Protection
 



- WAF vs IPS: a WAF complements an IPS and plugs the application-layer gaps an IPS leaves

- WAF functionality can also be found built into Load Balancer / Application Delivery Controller (ADC) technology

- Analyse HTTP and HTTPS traffic (the WAF terminates TLS so that encrypted requests and responses can be inspected) and identify attacks



A WAF does not replace the network firewall and is normally deployed between the network firewall and the web server infrastructure.



Web application firewalls secure your web-based applications and internet-facing data from attack and data loss. They use advanced techniques to provide bi-directional protection (inbound requests and outbound responses) against malicious sources, application-layer DoS attacks and sophisticated threats such as SQL injection and cross-site scripting.

Web Application Firewall (WAF) vs Intrusion Prevention Systems (IPS)


A signature-based IPS has very little understanding of the underlying application. It has no model of the application's URLs or parameters, so it cannot protect them individually. It does not know whether a client is web-scraping, and it cannot mask sensitive information such as credit card numbers and social security numbers in responses. It can block specific, known SQL injection strings, but only if the traffic matches the signature exactly: an IPS does not normalise or decode obfuscated traffic (URL encoding, double encoding, inline SQL comments, case variation), so a trivially re-encoded payload slips past it. One advantage of an IPS is that it covers the most commonly used Internet protocols beyond HTTP, such as DNS, SMTP, SSH, Telnet and FTP.




Key Benefits of WAF over IPS



> Continuous real-time assessment of web applications.

> Secures web applications in traditional, virtual and private cloud environments.

> Secures the latest interactive Web 2.0 and cloud applications.

> Application-specific XML filtering and validation functions that ensure the XML input of web-based applications is properly structured.


> Ensures application availability.

> Intercepts traffic to your servers to protect against hacking, tampering and attacks.

> Protection against attacks including SQL injection, cross-site scripting and directory traversal.

> Anti-virus scanning of all inbound files and content.

WAF Solution Features & Benefits

> Vulnerability Scanning

> Application Access
Users expect easy access to the applications and data they need from any device and any location - whether those resources are in a data center, the cloud, SaaS-based, or a hybrid environment.

Unify and centrally manage authentication and single sign-on for enterprise, mobile and cloud apps.

> Traffic Profiling 
Automatically and dynamically profile user activity to create a baseline of allowed usage.

> DoS / DDoS Protection 
Network and application layer DoS / DDoS protection.



> HTTPS Encrypted Traffic Inspection

Terminating TLS/SSL on the WAF is what allows it to inspect otherwise encrypted HTTPS traffic; dedicated encryption co-processing accelerates transaction times, offloads encryption functions and reduces processing requirements on your web servers.

> Load Balancing

Integrated Layer 7 load balancing and content-based routing increases application speeds, improves server resource utilisation and stabilises applications.

> Compliance

  • Authentication verification
  • Encryption and Decryption
  • SSL off-loading
  • Vulnerability Scanner module within the web application firewall supports the application assessment option of PCI DSS requirement 6.6.
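The Traffic Profiling feature above (automatically building a baseline of allowed usage and flagging deviations from it) is the positive security model that distinguishes a WAF from a purely signature-based device. The following added example, not code from the original page or any vendor, shows the idea in miniature: it learns, per URL path and parameter, the character class and maximum length seen during a clean learning period, then reports any request that uses an unknown path, an unexpected parameter, a broader character class or an out-of-range length. The learning traffic, the character classes and the length slack factor are all assumptions.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qsl

# Constructed learning traffic (not from the original page): request lines
# observed while the application is assumed to be seeing only legitimate use.
LEARNING_REQUESTS = [
    "GET /search?q=laptop&page=1",
    "GET /search?q=usb%20cable&page=2",
    "GET /search?q=monitor&page=10",
    "GET /account?id=1042",
    "GET /account?id=88",
]

# Character classes from narrowest to broadest; a value is assigned the first
# class it fits, and a learnt profile only ever widens.
CHAR_CLASSES = [
    ("digits", re.compile(r"^\d+$")),
    ("alpha",  re.compile(r"^[A-Za-z ]+$")),
    ("alnum",  re.compile(r"^[A-Za-z0-9 ]+$")),
]
CLASS_RANK = {"digits": 0, "alpha": 1, "alnum": 2, "any": 3}


def char_class(value: str) -> str:
    for name, rx in CHAR_CLASSES:
        if rx.match(value):
            return name
    return "any"


@dataclass
class ParamProfile:
    cls: str        # broadest character class seen during learning
    max_len: int    # longest value seen during learning


def parse_request(line: str):
    """Split 'METHOD /path?query' into (path, {param: decoded value})."""
    _method, target = line.split(" ", 1)
    parts = urlsplit(target)
    return parts.path, dict(parse_qsl(parts.query))


def learn(requests) -> dict:
    """Build {(path, param): ParamProfile} from clean traffic."""
    profile = {}
    for line in requests:
        path, params = parse_request(line)
        for name, value in params.items():
            cls, length = char_class(value), len(value)
            p = profile.get((path, name))
            if p is None:
                profile[(path, name)] = ParamProfile(cls, length)
                continue
            if CLASS_RANK[cls] > CLASS_RANK[p.cls]:
                p.cls = cls
            p.max_len = max(p.max_len, length)
    return profile


def check(profile: dict, line: str, slack: float = 1.5) -> list:
    """Return a list of violations (empty means the request fits the baseline)."""
    path, params = parse_request(line)
    if not any(p == path for (p, _n) in profile):
        return [f"unknown path {path}"]
    violations = []
    for name, value in params.items():
        p = profile.get((path, name))
        if p is None:
            violations.append(f"unexpected parameter {name}")
            continue
        seen = char_class(value)
        if CLASS_RANK[seen] > CLASS_RANK[p.cls]:
            violations.append(f"{name}: character class {seen} outside learnt {p.cls}")
        if len(value) > p.max_len * slack:
            violations.append(f"{name}: length {len(value)} exceeds learnt max {p.max_len}")
    return violations


PROFILE = learn(LEARNING_REQUESTS)

if __name__ == "__main__":
    for req in ["GET /search?q=tablet&page=3",
                "GET /account?id=1%20OR%201%3D1",
                "GET /account?id=5&debug=1",
                "GET /admin?x=1"]:
        print(req, "->", check(PROFILE, req) or "ok")
```

A tautology-style value in the id parameter is rejected twice over (wrong character class and too long) without any attack signature at all, and an undocumented debug parameter is rejected simply because it was never seen. The two operational caveats a practitioner will want: the baseline is only as clean as the traffic it was learnt from (attacks during the learning window get baselined as normal), and it must be re-learnt or manually extended whenever the application changes, which is why commercial WAFs add sample-count thresholds and a review step before a learnt profile is switched to blocking.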


PCI DSS

Requirement 1:
Install and maintain a firewall configuration to protect cardholder data

  • Web proxy feature masks internal servers and IP addresses from external clients.


Requirements 3.3 and 3.4: Mask the primary account number (PAN) when displayed (3.3; at most the first six and last four digits may be shown) and render PAN unreadable anywhere it is stored (3.4).
  • Encryption
  • Mask PANs in application responses
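Masking PANs in responses is one of the things a WAF can do that an IPS cannot, because it inspects the outbound body. The following is an added example, not code from the original page or any product, of the kind of response filter involved: it finds candidate card numbers in a response body, uses the Luhn check so that ordinary 16-digit identifiers are not clobbered, and masks everything but the last four digits while preserving the original spacing. The sample response body and the masking format are assumptions; the test card number 4111 1111 1111 1111 is a well-known Luhn-valid test value.

```python
import re

# Candidate PAN: 13 to 19 digits, optionally separated by spaces or hyphens.
PAN_CANDIDATE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

# Constructed response body (not from the original page): a JSON order record
# containing a 16-digit order reference that is NOT a card number and a card
# number that is.
SAMPLE_BODY = ('{"order":"1234567890123456",'
               '"card":"4111 1111 1111 1111","amount":"42.00"}')


def luhn_valid(digits: str) -> bool:
    """Standard Luhn mod-10 check; filters out most non-card digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pan(match: "re.Match") -> str:
    """Replace all but the last four digits with X, keeping separators."""
    raw = match.group(0)
    digits = re.sub(r"[ -]", "", raw)
    if not luhn_valid(digits):
        return raw  # not a card number, leave it alone
    keep_from = len(digits) - 4
    out, seen = [], 0
    for ch in raw:
        if ch.isdigit():
            seen += 1
            out.append(ch if seen > keep_from else "X")
        else:
            out.append(ch)
    return "".join(out)


def mask_response_body(body: str) -> str:
    """Apply PAN masking to an outbound response body."""
    return PAN_CANDIDATE.sub(mask_pan, body)


if __name__ == "__main__":
    print(mask_response_body(SAMPLE_BODY))
```

The order reference survives untouched because it fails the Luhn check, while the card number is rewritten to XXXX XXXX XXXX 1111. The residual risk is a non-card identifier that happens to pass Luhn (roughly one in ten random digit runs), so production deployments scope this filter to the URLs that can actually return cardholder data rather than running it on every response.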


Requirement 6.5 & 6.6: Web Application Security

Web Application Firewall

WAFs use advanced techniques to provide bi-directional protection against malicious sources, network- and application-layer DoS attacks and sophisticated threats such as SQL injection and XSS, helping to prevent identity theft, financial fraud and denial of service.

For public-facing web applications, address new threats and vulnerabilities on an on-going basis and ensure these applications are protected against known attacks by either of the following methods:

  • Reviewing public-facing web applications via manual or automated application vulnerability security assessment tools or methods, at least annually and after any changes.
  • Installing a web-application firewall in front of public-facing web applications.
Web Application Firewall deployed in front of public-facing web applications protects Web applications, databases, and the information exchanged between them. In particular, it addresses the PCI DSS requirements 6.5 and 6.6 regarding web application vulnerabilities such as cross-site scripting, SQL injection, and information leakage.

Note: Web Application Firewall
From PCI DSS v3.0 onwards, requirement 6.6 no longer names a "web-application firewall" but an "automated technical solution that detects and prevents web-based attacks", with a WAF given as the example; the solution must be in front of the public-facing application, kept up to date, actively running and generating audit logs, and either blocking attacks or generating alerts. In PCI DSS v4.0 this material moves to requirement 6.4, where the automated technical solution becomes mandatory (6.4.2) rather than an alternative to the annual assessment.




Requirement 7: Restrict access to cardholder data by business need to know
 

WAF (Web Application Firewall) Data Access Policies : Where data is accessed using a web-based application, data access policies can be applied to ensure that access control criteria are met.

Restrict access to particular web applications to users from trusted networks with valid access credentials (including client certificates).

Used to augment or reinforce the access controls built into the applications itself.



Requirement 8: Assign a unique ID to each person with computer access
WAF (Web Application Firewall)

Provide a central point of entry to authenticate, identify and log all user activity.


Requirement 9: Restrict physical access to cardholder data
WAF (Web Application Firewall)

Controls reduce the need to give individuals direct physical access to cardholder data.

 


WAF Management & Administration 

Centralised management and administration provide the ability to manage multiple WAF devices from a single console and provide administration rights to designated domain owners to manage their own applications separately from others.


Web Application Firewall deployment platform options

  • Appliance / hardware
  • Managed / hosted service
  • Virtual / software (runs on virtualised private or public cloud platforms)



Cloud Managed Web Application Firewall Service

Website and Application Firewall Services managed from the cloud.


Contact SecureNet Consulting today for solutions advice, professional services, engineering and proof of concept resources for Web Application Firewalls / WAF.


SecureNet Consulting Professional Services
SecureNet Consulting Technical Engineering
http://www.securenetconsulting.co.uk/p/contact-us.html
SecureNet Consulting Managed Services
SecureNet Consulting IT Support Services
http://www.securenetconsulting.co.uk/p/training_7.html
+44(0)7714 209927
+44(0)1273 329753
info@securenetconsulting.co.uk
