BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic...
Transcript of BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic...
![Page 1: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/1.jpg)
BIG-IPASMWeb Application Firewall Basic Concepts
Patrick Zoller, Systems Engineer
![Page 2: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/2.jpg)
© F5 Networks, Inc 2© F5 Networks, Inc 2
Who is F5 Networks?
• Name inspired by the 1996 movie, Twister, in which reference was made to the fastest and most powerful tornado on the Fujita Scale: F5
• Based in Seattle USA, established in 1996, public in 1999, offices worldwide.
• Over 50% market share in Application Delivery Controller market.
• F5 Mission is to deliver the most secure, fast, and reliable applications to anyone anywhere, at anytime.
• 49 of Fortune 50 companies rely on F5
• Revenue US$2.1 billion, no debt, 4,400 employees, Fortune 1000 company
• NASDAQ: FFIV
![Page 3: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/3.jpg)
© F5 Networks, Inc 3© F5 Networks, Inc 3
Who is F5 Networks?
![Page 4: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/4.jpg)
![Page 5: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/5.jpg)
• Security Policies werden pro Applikation erstellt
Application Security Policy 1/2
• Policies können aus Negativ-, Positiv-Security und einem Mix aus beiden bestehen
• Optionen zum Erstellen einer Policy
• Manuell,
• Automatisch,
• DAST Integration:
• HP Webinspect
• IBM AppSCan
• ImmuniWeb
• Qualys
• Quantium Seeker
• Trustwave App Scanner
• GENERIC
![Page 6: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/6.jpg)
• Enforcement Modes: Transparent, Blocking
Application Security Policy 2/2
• Mode Blocking: Individuelle Funktionen können transparent bleiben
• Enforcement Mode in Abhängigkeit des Host Headers
• Policies können exportiert und importiertwerden
• Policies können Hierarchien besitzen:Parent / Child Policies
• Policies können zwischen ASM Gruppen synchronisiert werden
![Page 7: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/7.jpg)
Traffic Learning 1/2
![Page 8: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/8.jpg)
Traffic Learning 2/2
![Page 9: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/9.jpg)
Central Policy Builder
BIGIQCentral Policy Builder
BIG-IQ
![Page 10: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/10.jpg)
F/P Example:Disable Signature on Parameter on URL
![Page 11: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/11.jpg)
© F5 Networks, Inc 11© F5 Networks, Inc 11
BIG-IP® ASM: Leadership in WAFAdvanced WAF• Bot Detection (incl. Mobile-Bot)
• Client Fingerprinting
• Session Hijacking
• Websocket Security
• Web Scraping Prevention
• Brute Force Mitigation
• Credential Stuffing
• L7 DDoS Protection
• Heavy URL Mitigation
• CAPTCHA Challenges
• HTTP Header Sanitization/Insertion
• Anti-CSRF Token Insertion
• Single Page Application
• PFS Ciphers
![Page 12: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/12.jpg)
![Page 13: BIG-IP ASM Web Application Firewall Basic Concepts · BIG-IP ASM Web Application Firewall Basic Concepts Patrick Zoller, Systems Engineer](https://reader031.fdocuments.net/reader031/viewer/2022020104/5b7ae2db7f8b9aa74b8b832d/html5/thumbnails/13.jpg)