F5 Advanced WAF - Softchoice · PDF file Why is F5 Advanced WAF deployed inline? F5 believes...

  • FAQ F5 Advanced WAF

    FAQ

    F5 Advanced WAF

    September 2018

    Contents

    Packaging

    Deployment Scenarios

    Use Cases

    Positioning

    Migration

    Pricing

    Resources

    US Headquarters: 401 Elliott Ave W, Seattle, WA 98119 | 888-882-4447

    [email protected]

    ©2018 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries.

    Other F5 trademarks are identified at f5.com. Any other products, services, or company names referenced herein may be trademarks of the respective owners

    with no endorsement or affiliation, expressed or implied, claimed by F5. TMPL-CORE-215662710 | 03.18

    Product Overview

    What is F5 announcing?

    F5 is releasing a new product called Advanced WAF. Availability is targeted for Q2 FY18. The new offering will be highlighted in the App Protection marketing campaign starting in April 2018.

    Why is F5 releasing Advanced WAF?

    F5 is re-defining web application security to address the most prevalent threats customers are facing today:

    • Automated attacks and bots that overwhelm existing security solutions

    • Web attacks that steal credentials and gain unauthorized access across user accounts

    • Application layer attacks that evade signature and reputation-based security solutions

    • New attack surfaces and threats due to the rapid adoption of APIs

    Advanced WAF provides a dedicated solution for application security that targets the security buyer with differentiated capabilities.

    What is a WAF?

    A WAF is an application-layer security solution that sits in front of an application to protect against attacks or vulnerabilities without having to change the application itself.

    Web Application Firewalls (WAFs) protect applications from common attacks such as cross-site scripting (XSS) and SQL injection. A WAF is different from a regular firewall in that a WAF is able to filter the content of specific web applications while network firewalls provide port filtering and segmentation. WAF solutions are capable of preventing attacks that network firewalls and intrusion detection systems can't, and they do not require modification of application source code.

    What is an Advanced WAF?

    The term "Advanced WAF" describes protection that goes beyond the traditional WAF functions by adding security capabilities needed to defend against current threats.

    F5 Advanced WAF introduces new capabilities that are unique in the WAF market:

    • Bot detection beyond signatures and reputation to block evolving automated attacks

    • Application layer encryption to protect against credential theft

    • L7 DDoS detection using machine learning and behavioral analytics for high accuracy

    An advanced WAF has the following capabilities:

    • Protection from Web Exploits and application vulnerabilities (CVEs)

    • Bot protection

    • Protection from credential attacks

    • The ability to use real-time threat intelligence and reputation

    • L7 DDoS mitigation based on machine learning and behavioral analytics

    • API Security

    Things to consider when evaluating an advanced WAF:

    Bot Protection:

    Detection goes beyond signatures and reputation to accurately detect malicious and benign bots using client behavioral analysis, server performance monitoring, and escalating JavaScript/CAPTCHA challenges

    Credential Attacks:

    Protects against attacks that can steal credentials from the user’s browser (e.g. keyloggers), from data in transit (e.g. MiTM), and/or from the server (e.g. vulnerabilities/data leakage)

    Performance:

    Scalable full proxy deployment with integrated TLS/SSL decryption and hardware acceleration

    Flexible Deployment:

    Available as a hardware appliance/chassis for the Data Center, and software for private/public Cloud.

    What F5 products support Advanced WAF?

    Initially, Advanced WAF will be supported on the following BIG-IP platforms:

    • iSeries i2x00, i4x00, i5x00, i7x00, i10x00, i11x00, i15x00

    • BIG-IP 2000s/2200s, 4000s/4200v, 5050s/5250v, 705Xs/72XXv, 10XXXv/10X5Xs, 12250v

    • VIPRION 2400 series

    • VIPRION 4400 series

    • BIG-IP Virtual Edition in Private Cloud: 25 Mbps, 200 Mbps, 1 Gbps

    • High Performance VE (8 cores, 12 cores, 16 cores)

    • BIG-IP Virtual Edition in Public Cloud marketplaces (Amazon, Azure)

    Note: Support for the Google Cloud Platform is coming soon.

    Does Advanced WAF support FIPS?

    Advanced WAF can be added to FIPS certified BIG-IP platforms running Local Traffic Manager (LTM). Standalone Advanced WAF on FIPS certified platforms is on the roadmap.

    Is Advanced WAF certified by ICSA Labs?

    Advanced WAF can be added to ICSA-certified BIG-IP platforms running Local Traffic Manager (LTM).

    Packaging

    What version of BIG-IP supports Advanced WAF?

    Advanced WAF is supported beginning in BIG-IP version 13.1.0.2.

    What is included in F5 Advanced WAF?

    F5 Advanced WAF includes all features found in ASM and adds additional capabilities:

    What is Base ADC?

    Base ADC refers to Application Delivery capabilities found in BIG-IP LTM such as SSL offload and load balancing.

    What is L7 DDoS?

    L7 DDoS refers to comprehensive application layer DDoS mitigation capabilities found in Advanced WAF.

    What is WAF?

    WAF refers to core ASM capabilities such as OWASP Top 10 protection.

    What is API Security?

    API Security refers to a future add-on to Advanced WAF.

    What is Anti-Bot (A.Bot)?

    Anti-Bot (A.Bot) refers to bot protection.

    What is Anti-Bot Mobile SDK (A.Bot M)?

    Anti-Bot Mobile SDK (A.Bot M) refers to bot protection specific to mobile apps. The Anti-Bot Mobile SDK is available as an add-on to Advanced WAF and ASM.

    Mobile apps do not support JavaScript. JavaScript is a primary technique used to detect automated attacks and bots. Mobile apps that do not support JavaScript cannot be protected by many traditional bot mitigation techniques.

    Customers can eliminate the risk of automated attacks by establishing a Whitelist using the Mobile SDK.

    Anti-Bot Mobile SDK uses a Whitelist to establish trust based on an embedded software package within the customer’s application code, and corresponding cookie verification by Advanced WAF.

    How is the Anti-Bot Mobile SDK Deployed?

    Traditionally, Software Development Kits (