Genislab builds better products and faster go-to-market with Lean project man...
ACOS 2.7.1 Release with Integrated WAF, AAM and DDoS Modules
1. 1
Customer Driven Innovation
1
Do not distribute/edit/copy without the
written consent of A10 Networks
ACOS 2.7.1 Release with Integrated WAF,
AAM and DDoS Protection Modules
May 2013
2. 2
Introducing New Security Modules
No licensing
Security services for the
A10 Thunder™ and AX
Series models
Web Application Firewall
(WAF) for Cloud Security
Application Access
Management (AAM) for
Authentication
Enhanced Distributed
Denial of Service (DDoS) for
Multi-layer Edge Protection
3. 3
ACOS: L2 to L7 Intelligent Software Platform
7+ years of
development
Separate control,
data and
management
plane
64-bit symmetric
multi-core
shared memory
Virtual and
Physical
Versatile,
adaptable,
efficient
Energy efficient
and highest
performance
4. 4
ACOS 2.7.1 Flexible Deployment and Platform Choice
Virtual or hardware
appliance and virtual
chassis
Available via Cloud
Service Providers
Common OS and
interface
aCloud
aVCS
5. 5
Web Application Firewall Overview
Value
Protect web applications
Ensure against code
vulnerabilities and gain PCI
compliancy
Prevent damage to intellectual
property, data and applications
Advantage
Fully integrated/designed for
ACOS
No license; single device
solution
Scalable and high performance
6. 6
WAF Sample Features - Applicable OWASP Top 10
Injection
SQL injection attack (SQLIA)
Allowed HTTP methods checks for
allowed keywords GET, POST etc.
Form Consistency Check
Cross-Site Scripting (XSS) check
HTML XSS check
Insecure Direct Object
References
Whitelisting URI
URI Black List/White List check
Sensitive Data Exposure
Credit Card Number scrubbing
Social Security Number scrubbing
Missing Function Level Access
Control
aFleX
Cross-Site Request Forgery
(CSRF) check
Referer Check
CSRF Check
Using Components with Known
Vulnerabilities
URI Blacklist
Unvalidated redirects and
forwards
Whitelisting URI
7. 7
Application Access Management (AAM)
Value
Centralized authentication point
for resource access
Enhanced protection and
server efficiency
Authentication offload
Advantage
Supports popular
authentication services/stores
No adjustment to web servers
or infrastructure
Seamless integration
No license required
8. 8
DDoS: Multi-Layer Edge Protection
Value
Large-scale DDoS protection
Advanced protection features
Predictable operations
Advantage
Feature rich DDoS defense
mitigates network and
application attacks
Hardware DDoS for SYN-flood
attacks (over 200 million SYN
Cookies/sec in 1 RU)
9. 9
ACOS 2.7.1 Additional Highlights
Large Scale Multi Tenancy with 1024 L3V Partitions
Support for additional Hypervisors and SR-IOV
Open source Xen hypervisor support added
Support for ADP/L3V in SoftAX
Database Load Balancing
aFleX for RADIUS
Traffic Steering with ICAP
Large Scale RAM Caching
Usability and Monitoring Enhancements
165+ New Features!
10. 10
Summary
ACOS scalability is the unique foundation
Advanced modules including WAF, AAM and DDoS
Most flexible deployment
No Licensing for premium integrated modules and features
Drive down costs and reduce complexity
Deliver competitive business advantages for your Cloud