SlideShare una empresa de Scribd logo

Novinky F5 pro rok 2018

MarketingArrowECS_CZ
MarketingArrowECS_CZ

F5 Partnerský update 27.3.2018, Praha

Tecnología
1 de 104
Descargar para leer sin conexión
Novinky F5 Filip Kolář, Sales Manager F5, ČR Radovan Gibala, Presales Engineer F5, ČR
• • • • • • •
INBOX WEBEX SHAREPOINT CONCUR SALESFORCE WORKDAY
YOUR DATA HAS VALUE “In 429 reported breaches studied between 2005 and 2017, attackers have profited $2.75 billion.” F5 Labs Research APPLICATIONS ARE THE BUSINESS
Web App Attacks are the #1 Source of Data Breaches 1% 2% 4% 5% 9% 11% 11% 14% 15% 29% 0% 5% 10% 15% 20% 25% 30% 35% Denial of Service Crimeware Physical Theft and Loss Payment Card Skimmers Everything Else Point of Sale Miscellaneous Errors Privilege Misuse Cyber-Espionage Web App Attacks 29% 2017 Verizon Data Breach Investigations Report ”Web Application Attacks remains the most prevalent” “Use of stolen credentials against web applications was the dominant hacking tactic“
“Ransomware Surges Again As Cybercrime-as-Service Becomes Mainstream for Crooks” ZD Net “Russian Hackers Selling Login Credentials of UK Politicians, Diplomats ‒ Report” The Register “Rent-a-Botnet Services Making Massive DDoS Attacks More Common Than Ever Before” PC World “IoT Botnets Are Growing ‒ and Up for Hire” MIT Technology Review “Attacker Demands Ransom After Series of DDoS Attacks on Poker Site” Hack Read “Hacked Yahoo Data Is for Sale on Dark Web” New York Times “93% of breaches in 2016 involved organised crime” Source: Verizon 2017 Data Breach Investigations Report
APP SERVICES ACCESS TLS DNS NETWORK CLIENT THE APPLICATION IS THE GATEWAY TO DATA Understand the application
CLIENT Man-in-the-browser Session hijacking Malware Cross-site scripting Cross-site request forgery DNS hijacking DNS spoofing DNS cache poisoning Man-in-the-middle Dictionary attacks DDoS DNS Eavesdropping Protocol abuse Man-in-the-middle DDoS NETWORK Certificate spoofing Protocol abuse Session hijacking Key disclosure DDoS TLS Credential theft Credential stuffing Session hijacking Brute force Phishing ACCESS API attacks Injection Abuse of functionality Man-in-the-middle DDoS Malware Cross-site scripting Cross-site request forgery APP SERVICES
REPORTS ARTICLES BLOGS “IoT Devices are the Latest Minions in Cyber Weaponry Toolkits” “Mirai: The IoT Bot That Took Down Krebs and Launched a Tbps Attack on OVH” “IoT Threats: A First Step into a Much Larger World of Mayhem” Search by topic, type, tag, and author. F5Labs.com Visit Us at F5Labs.com
Intel  Action “Hackers Are Going Phishing In An Overstocked Pond” “Applications are the Targets, Identities are the Exploit Key” “DDoS is Plug and Play at Rates your Network Can’t Sustain” TECHNICAL IDENTITY APPLICATION Administrative Recommendation: Define your DDoS strategy: on-premises, hybrid, or cloud? Identity Recommendation: Implement ID federation and multi-factor authentication (MFA). Administrative Recommendation: Train your entire staff on phishing regularly. Technical Recommendation: Implement a WAF to bridge the gap between detection and remediation. Application Recommendation: Automated vulnerability remediation with a WAF. Preventative Recommendation: Implement MFA to ensure compromised credentials don’t compromise your app! ADMINISTRATIVE PREVENTATIVEADMINISTRATIVE
Application Threat Intelligence Free to the public at Client-Side Attacks Malware Ransomware Man-in-the-browser Session hijacking Cross-site request forgery Cross-site scripting DDoS Attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplification Heavy URL App Infrastructure Attacks Man-in-the-middle Key disclosure Eavesdropping DNS cache poisoning DNS spoofing DNS hijacking Protocol abuse Dictionary attacks Web Application Attacks API attacks Cross-site scripting Injection Cross-site request forgery Malware Abuse of functionality Man-in-the-middle Credential theft Credential stuffing Phishing Certificate spoofing Protocol abuse f5labs.com
DDoS Attacks Ransomware Web Fraud Credential Stuffing Malware Phishing Malicious Bots
of Internet traffic is automated of 2016 web application breaches involved the use of bots 98.6M bots observed Source: Internet Security Threat Report, Symantec, April 2017
Client-Side Attacks Malware Ransomware Man-in-the-browser Session hijacking Cross-site request forgery Cross-site scripting DDoS Attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplification Heavy URL App Infrastructure Attacks Man-in-the-middle Key disclosure Eavesdropping DNS cache poisoning DNS spoofing DNS hijacking Protocol abuse Dictionary attacks Web Application Attacks API attacks Cross-site scripting Injection Cross-site request forgery Malware Abuse of functionality Man-in-the-middle Credential theft Credential stuffing Phishing Certificate spoofing Protocol abuse Acommon source of many threat vectors Malware Ransomware Man-in-the-browser Cross-site scripting Dictionary attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplication Heavy URL API attacks Cross-site scripting Injection Malware Abuse of functionality Credential stuffing Phishing
Application Threat Intelligence Reaper panic The latest thingbot making press waves was predicted in "The Hunt for IoT" volume 3
Web Scraping Protection Pro-Active Bot Prevention L7 DoS WAF SOLUTION PROBLEM Behavioural analysis to identify malicious bots
© F5 Networks, Inc 22 Proactive Bot Defense and Bot Signature
© F5 Networks, Inc 23 PBD - Client side integrity defense - flow User Browser DoS Profile App First main page access HTTP Request (no cookie) Computational challenge Solve challenge/ set cookie with time stamp HTTP Request (cookie) Reconstruct request Original HTTP Request HTTP Response (main page) HTTP Response (main page) More object requests (cookie) Validate cookie: format & time stamp More object requests More responses More responsesDeliver page
© F5 Networks, Inc 24 Bots that simulate browsers Web Server I’m a Bot that simulate browser ASM: ok, what are your capability ? If you will not answer right you will have to answer a CAPTCHA No you are not, bye bye -> block this guy. DNS Server Bummer Capability ? CATPCHA ?
© F5 Networks, Inc 25 Client Capabilities -challenge script flow User Browser DoS Profile App First request GET /sell.php GET /sell.php (no cookie) Client Capabilities Challenge response Return Client Capabilities verification Reconstruct request HTTP Response (cookie) HTTP Response GET /img.png (cookie) Blank page & Set cookie Original HTTP Request + cookie 1. Authenticate and decrypted JS results, 2. Compute browser score based on result 3. Determine an action based on score GET /img.png (cookie) Validate cookie: format & time stamp
© F5 Networks, Inc 26 How bots that simulate browsers are evaluated and scored Evaluating request High Score Pass Low Score Send CAPTCHA and If valid CAPTCHA – Pass Otherwise - Block 0 – 59 – browser 60 – 99 – Unknown 100 – Bot
© F5 Networks, Inc 27 • PBD interaction with Bot signature – Benign white list • Identification of browsers discrepancies utilizing I can use and Modernizr databases (updates same time as other attack signatures) • Databases are updated with the ASM attack signatures and the bot signatures • Giving score to browsers and executing relevant actions: • Pass request to the server • CAPTCHA to verify human • Block bots Proactive Bot Defense improvements summary
• • • • Confidential
Confidential
• No prior breach • Dozens of account takeovers left users picking up food bills they never ordered • Unsuspecting victims received receipts via email, after it was too late Fraudsters eat for free as Deliveroo accounts hit by mystery breach
70 MILLION 427 MILLION 150 MILLION 3 BILLION In the last 8 years more than 7.1 billion identities have been exposed in data breaches1 1) Symantec Internet Security Threat Report, April 2017 2) Password Statistics: The Bad, the Worse and the Ugly, Entrepreneur Media 117 MILLION “Nearly 3 out of 4 consumers use duplicate passwords, many of which have not been changed in five years or more”2 3 out of 4
USERNAME Credit Card Data USERNAME Intellectual Property USERNAME Healthcare Data USERNAME Passport Data USERNAME Financial Data USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME
Info on emerging threats What is it? Who does it affect? Protection strategy recommendations Application Threat Intelligence
Breached Credential Database Comparison WAF SOLUTION PROBLEM Distributed brute force protection
• • • • • • • • • • • New in ASM 13.1 Confidential
• New Mitigation techniques and actions Distributed Attack and Credential Stuffing detection Confidential
• • Confidential
1 4 2 1. User login to application 6 3 5 Auth Server 2. User redirected to authorisation server 3. Authorisation server requires authentication before authorisation 6. User access application 4. User logs in 5. Auth server grants token SOLUTION PROBLEM Token-based authorisation (OAuth)
• Improve user experience and registration workflow when logging into new sites • Ability for users to share community content • Improve application API sharing protection • Simplify user access to SaaS apps that support OAuth • APM serves as OAuth client for social login • APM is an authorization delegate for SaaS apps • APM protects and authorizes web services APIs DMZ AAA BIG-IP APM as Client DMZ Enterprise Resources BIG-IP APM as Authorization ServerOAuth Client External Authorization Server
• Centralization of authorization & SSO across apps including with non-OIDC enabled apps • Move to industry and App Developer friendly standardization for AuthN/Z across apps • App authorization or customization based on user identity from another Identity Provider • OpenID Connect for Client / Resource Server • Built-in support for Identity Providers: Azure AD, Google, and Ping • OpenID Connect for Authorization Server coming in BIG-IP v14.0 (Flatrock) Release Resource s OAuth 2.0 Client and Resource Server Identity Provider Network (1 ) (2 ) (5 ) (3 ) (7 ) Authorizatio n Server Resources Network (6 ) Any IDP AAA Server (4a ) AAA Server (4b)
• Mobile apps access or APIs access without an always-on or connection to the Identity Provider • Scaling for high volume API calls or clients • JWT required with for popular OAuth Identity Providers (i.e. Azure AD) • JWT tokens for APM as OAuth Authorization or Server Client / Resource Server – use digital signatures instead of statefull tokens that need validation • Access and Refresh Tokens (RFC 7519) • JWK (RFC 7517) and Well-known end points • Support for signing JWS (RFC 7515) • Support for asymmetric key rotation • Built-in JWT support for Identity Providers: Azure AD, ADFS, Amazon, F5, FB, Google Any IDP AAA Server (1b) AAA Server (1b) Enterprise Resources BIG-IP APM As Resource Server (RS) (2) (1a) (4) (3) Authorization Server (AS) OAuth Client (1c)
• Multi-level applications carry higher risk • Desire to add additional or multi-factor authentication (MFA) to secure parts of apps • Need to re-validate user credentials for certain high security sections of apps • Protects sections of apps with client certificates with validation, MFA providers that use HTTP or RADIUS AAA (DUO, Yubico, RSA SecurID), or local database • Credentials can be checked based on any session variable
• Scaling of on-prem MS ADFS for O365, MS on-prem apps, and other apps for federation without large TCO • Device posture checks and use of existing MFA vendor investments • Security concerns with having Windows in DMZ (MS WAP) • Issues with getting MS support previously with APM as ADFS proxy • Proxy for Active Directory Federation Services 3.0 & 4.0 • Replaces the Proxy functionality in Microsoft WAP • Secure access to Office365 from on-premises ADFS • Meets Proxy Integration Protocol (PIP) specifications • F5 APM provides proxy capability for pre-authentication (endpoint inspection and MFA support) enabling scaling of MS ADFS • First PIP implementation outside Microsoft Public Cloud Apps Private Cloud Apps Mobile User Remote User Contractor
Volumetric take-downs Consume bandwidth of target Network layer attack Consume connection state tables Application layer Consume application resources 2005 8 Gbps 2013 300 Gbps 2016 1.2 Tbps Source: How DDoS attacks evolved in the past 20 years, BetaNews
1.2 Tbps1 Tbps620 Gbps Mirai DDoS attacks Source: The Hunt for IoT: The Rise of Thingbots, F5 Labs, August 2017
Source: Securelist, Kaspersky Lab, March 2017 Low sophistication, high accessibility • Accessible Booters/stressers easy to find • Lucrative Profit margins of up to 95% • Effective Many DDoS victims pay up
Critical info on threat source and attack type trends Application Threat Intelligence
SOLUTION Customer Cloud Network and App Protection DDoS attacker DMZ Cloud-Based DDoS Mitigation Platform DDoS Hybrid Defender PROBLEM
• DDoS attacks are more complex – now multi-vectored • Detection of complex multi-vectored attacks is limited with static/single dimensional vectors • Aggregate Rate-limiting “catches” good traffic with bad • Per-SrcIP ineffective with spoofed IP’s or “wide” botnet attacks • Attack detection in both inline and out-of-band deployments • Sub-second attack detection • Detects anomalies compared against historical baseline • Statistical method baselines 3,000+ L3/4 metrics • Dynamically generates “signatures” (vectors) upon attack detection • On-demand/real-time “signature” creation and sharing • Targeted “signatures” = Low false positive rate • Detect-only mode allows review before enforcement Monitor and Baseline L3/L4 AFM
Per-App (VS) Auto-Thresholding and SrcIP Awareness • Administrators have difficulty determining correct static thresholds for DDoS • Normal traffic patterns change as applications evolve and administrators are unable to keep up • There is difficulty in distinguishing between “good guys” (legitimate traffic) and “bad actors” (threats) • Computes thresholds automatically for all 120+ DDoS vectors or only selected vectors • Thresholds are continuously adjusted based on changes in traffic patterns • “What-If” mode available, with report-only and no drops • Per-SrcIP awareness available on every vector • Significantly reduces human involvement and errors resulting in greater DDoS accuracy and lower operational impact
L7 DDoS Threshold Auto-Tuning • Determining appropriate DDoS thresholds is difficult • Ensuring DDoS threshold accuracy as traffic patterns change is a challenge • Simplifies DDoS threshold settings configuration • Safeguards accuracy of DDoS threshold settings as traffic patterns change • Analyzes measured resource usages and automatically establishes threshold values based on historic normalized traffic behavior • Thresholds can be automatically established per DeviceID, Source IP, URL and site wide, automatically adjusting to continuously strengthen attack responses • Drives efficiency, accuracy and control • Strengthens defense policies for greater application protection
• • • Confidential
© F5 Networks, Inc 55 Rate Limit to Protect the Server Detect and Block Bots and Bad Actors Create and Enforce Dynamic Signatures Analyze Application Stress and Continually Tune Mitigations. Start of Attack Identify Attackers Advanced Attacks Persistent Attacks Multiple Layers of Protection Even basic attacks can take an unprotected server down quickly. Persistent attackers will adjust tools, targets, sources and attack volume to defeat static DOS defenses. The f5 approach protects the server from the first moment of the attack and then analyzes the attack tools, sources and patterns to refine mitigations. These sophisticated protections maximize application availability while minimizing false positives.
© F5 Networks, Inc 56 Frequency(PPS) Browser Types TTL SRC-IP lower DstPort Chrome Firefox IE/Cortana Safari Opera Other L3/L4 Predicates t0 URI Referrer # Headers Other L7 Predicates Server Health
© F5 Networks, Inc 57 Frequency(PPS) Browser Types TTL SRC-IP lower DstPort Chrome Firefox IE/Cortana Safari Opera Server Health Other L3/L4 Predicates URI Referrer # Headers Other L7 Predicates Max (Chrome) Load (EPS) Chrome Firefox IE / Cortana Safari Opera Threshold Min (Chrome) Max (Chrome) Load (EPS) Threshold Min (Chrome) VR-N VR-A VR-B VR-C VR-D Max (Chrome) Load (EPS) Threshold Min (Chrome) VR-N VR-A VR-B VR-C VR-D
www.b.comHTTP Profile BADOS1 BADOS2 BADOS3 VS VS VS Confidential
In the first quarter of 2017, a new specimen of malware emerged every 4.2 seconds 1 in every 131 emails included malware in 2016 of all breaches in 2016 involved some form of malware Sources: 1) Malware trends 2017, G DATA Software 2) Symantec Internet Security Threat Report, April 2017 3) WannaCry Update, Rapid7 Blog, May 2017 4.2 seconds 1 in every 131 Over half (51%)
Use our research to learn about new types of malware Application Threat Intelligence
Injects into running processes Hooks functions inside Windows DLLs MitM – sends credentials to command and control center
WAF Man-in-the-Browser malware Online users SOLUTION PROBLEM
Drop zone Mobile Field Name Encryption AJAX JSON Hacker Bots DataSafe Encryption Users credentials 088373be1 = user 0x8xb28 = 12345 User = user Password = 12345 App-level encryption No Client or Impact to users Stolen credential cannot be re-used No app updates required Goes beyond TLS/SSL
What Are The Problems and Solutions? Sales have challenges in positioning subscriptions Existing sale model require registered users MiTB stealing credentials MiTM attacks What We Will Offer: Perpetual License Perpetual license, this is what sales are used to sell, easily add-on to any other product Message Level Encryption Encrypt sensitive fields such as password, similar to what we offer with WebSafe Add-on Module Add-on to any TMOS based platform, No user count, Price based on Platform 1 2 3
Hybrid DDoS Protection Fraud Prevention Access Control Powerful WAF
ANTI- DDoS APP INFRASTRUCTURE ANTI-DDoS DNSTLS/SSL ADVANCED WEB APPLICATION FIREWALL Web Application Attacks App Infrastructure Attacks DDoS Attacks Client-Side Attacks ANTI-DDoS BOT DEFENSE CREDENTIAL PROTECTION WEB ACCESS MANAGEMENT WAF IDENTITY ACCESS MGMT IAM DDoS Hybrid Defender Advanced WAF Access Management SSL Orchestrator
Key Benefits: • Protects Web and mobile apps from exploits, bots, theft, app-layer DoS • Prevent malware from stealing data and credentials • Prevent Brute Force attacks that use stolen credentials • Eliminate time-consuming manual tuning for App-layer DoS protection Defend against bots • Proactive bot defense • Anti-bot mobile SDK • Client and server monitoring Protect apps from DoS • Auto-tuning • Behavioral analytics • Dynamic signatures Prevent Account Takeover • App-level encryption • Mobile app tampering • Brute Force protection Mobile Bot Mitigation Credential Protection App-Layer DoS Hacker Anti-bot Mobile SDK Bots F5 Advanced WAF Users credentials
Key F5 Advantages ✓ Bot Protection ✓ Account Takeover ✓ App-Layer DoS Bot protection beyond signatures and reputation ✓ Web and mobile app protection ✓ Client fingerprinting ✓ Server performance monitoring Account Takeover that stops credential theft and abuse ✓ Application Layer Encryption ✓ Obfuscation and evasion detection ✓ Comprehensive Brute Force mitigation App-Layer DoS that adapts to changing apps ✓ Real-time application baselines ✓ Behavioral analysis with machine learning ✓ Dynamic signatures with low false positives
F5 Networks Positioned as a Leader in 2017 Gartner Magic Quadrant for Web Application Firewalls* F5 is highest in execution within the Leaders Quadrant. * Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D’Hoinne, Adam Hils, Claudio Neiva, 7 August 2017
ASM Současná funkcionalita ASM L7 DDoS (BaDos Limited) Advanced Bot Protection WAFBase ADC
F5 Advanced WAF Současná funkcionalita ASM Nové služby obsažené v Advanced WAF L7 DDoS (BaDos Limited) Advanced Bot Protection WAFBase ADC BaDoS Unlimited DataSafe Upstream Signaling Bot Mobile SDK Advanced WAF licence Licenční add-on k Advanced WAF
• •
•
• • F5-ADD-BIG-ASM-I4XXX USD 24.145
• •
FY2017 FY2018 BIG-IP i2600 / i2800 BIG-IP i4600 / i4800 BIG-IP i76000 / i7800 BIG-IP i5600 / i5800 BIG-IP i10600 / i10800 BIG-IP i10600 / i10800Herculon-DHD F5 DHD DHD on selected hardware DHD on all BIG-IP hardware and VE Viprion 4480/4800
• • • • • • • •
K 1M 2M 3M 4M 5M 6M 7M 8M 9M 10M BIG-IP i2000 Series BIG-IP i4000 Series BIG-IP i5000 Series BIG-IP i7000 Series BIG-IP i10000 Series BIG-IP i11000 Series BIG-IP i15000 Series VIPRION 2200 + 2x B2250 VIPRION 2400 + 4x B2250 VIPRION 4480 + 4x B4450 VIPRION 4800 + 8x B4450 VIPRION 2400 8M L7 RPS 4M L4 CPS 320G L7/L4 TPUT VIPRION 4800 40M L7 RPS 23.2M L4 CPS 1120/1120 G L7/L4 TPUT Scalability and Performance of F5 Systems Flexible Performance Levels and On-demand Scalability BIG-IP i15600/i15800 10M L7 RPS 4.2M L4 CPS 160G/320G L7/L4 TPUT BIG-IP i2600 / i2800 560K L7 RPS 250K L4 CPS 10G L7/L4 TPUT BIG-IP i4600 / i4800 1.1M L7 RPS 500K L4 CPS 20G L7/L4 TPUT BIG-IP i76000 / i7800 3.0M L7 RPS 1.1M L4 CPS 40G/80G L7/L4 TPUTBIG-IP i5600 / i5800 1.8M L7 RPS 800K L4 CPS 35G /60G L7/L4 TPUT L7 RPS (inf-inf) BIG-IP i10600 / i10800 3.5M L7 RPS 1.5M L4 CPS 80G/160G L7/L4 TPUT BIG-IP i11600 / i11800 5.5M L7 RPS 2.5M L4 CPS 80G/160G L7/L4 TPUT VIPRION 2200 4M L7 RPS 2M L4 CPS 160G L7/L4 TPUT VIPRION 4480 20M L7 RPS 11.6M L4 CPS 560/560 L7 /L4 TPUT
© F5 Networks, Inc 84 iSeries TurboFlex Enhancement • GUI for selecting which TurboFlex profile to use • New features in TurboFlex Security Profile • Multiple DoS vector lookups (multi-layer attack mitigation) • Custom DoS Signatures In HW (Behavioral DoS) that provides dynamically programmable of HW signatures • Transparent L2 forwarding
NOVÉ METODY ZPOPLATNĚNÍ
© F5 Networks, Inc 86
© F5 Networks, Inc 88 L4-L7 WAFKritické aplikace DevOps Flexibilní licencování Automatizace Klíčové komponenty pro cloud
© F5 Networks, Inc 89 Flexibilní licencování od F5 – porovnání
• Deep technical expertise • Global footprint • Rapid resolution to issues • Monitoring tools and AskF5 • ISO 9001: 2008 BIG-IP Virtual Edition subscription SKUs • ELA compatible VE visions V11.4 forward • New versions will be added as available Premier Support Included in PriceProducts Covered GBB Level 25M 200M 1G 3G 5G 10G Good ● ● ● ● ● ● Better ● ● ● ● ● ● Best ● ● ● ● ● ● * - Maximum user license # - 250K / 1M License – End of Jan. 2018 Standalone Modules 25M 200M 1G 3G 5G 10G BIG-IP ASM ● ● ● BIG-IP AFM ● ● ● ● ● ● BIG-IP APM* ● ● BIG-IP DNS # 250K 1M Per-App VE 25M 200M BIG-IP LTM ● ● BIG-IP ASM ● ●
Significantly Reduce Your Initial Investments With Subscriptions 0 1 2 3 4 5 TotalInvestment Years Significantly Increase Ability To Support Your Apps With The Same Budget 16 18 37 40 44 93 $300K $500K $700K VE Version + VE Subscription 1G GOOD 1G BEST 1G BETTER More Than 3 Years Of Savings ~2.5X VEs With Subscription
F5 licence dostupné na Azure Market Place © 2017 F5 Networks 19
DEVELOP Source : F5 SOAD 2018Q. How is digital transformation influencing your application decisions? Select all that apply DEPLOY DELIVER IT’S CHANGING HOW WE DEVELOP APPS (MOVING TO AGILE) WE’RE USING AUTOMATION AND ORCHESTRATION ACROSS IT WE’RE MOVING TO DELIVER MORE APPS FROM THE PUBLIC CLOUD
AUTOMATION A Long Way
Free Self-service training program
Packaged and Priced for Per-Application Deployments Core Other Apps (e.g. Analytics/Business Intelligence, Digital Marketing) 48% Back Office Content Communications Collaboration 32% % of Budget Spent 12% 8% Source: Gartner Enterprise Software Forecast (June 2017) and F5 analysis • Supports 1 VIP (3-Virtual Servers) • Available Services: LTM and WAF • 25Mbps and 200Mbps Instances • TMOS v13.1.0.2 and above • Licensing using Big-IQ License Manager (included) • Consistent App Services across IT • Pricing starting at $395* (*- VE Subscription/ELA) Per-App Virtual Edition L7 Traffic Mgmt and Security (LTM, ASM) F5 BIG-IQ License Manager App N – 200M App 2 – 200M App 1 – 25M
Per-App VE# VE# # of Applications Supported 1 Virtual IP* & 3 virtual servers No Limit App Services • LTM • WAF GBB (all app services) Throughput Instances 25M, 200M 25M, 200M, 1G, 3G, 5G, 10G Consumption Models Subscription, ELA, Perpetual Subscription, ELA, Perpetual, PAYG Code base (TMOS) Same Ecosystem Support (Private Cloud, Container Integration) Same (* - 1 wild-card included in Virtual IP)# - Open VMware tool & Advanced WAF with 13.1.0.2 release
Up to 75% Off Standard BIG-IP VE List Prices Supports Broader F5 Usage In Enterprise App Infrastructures
AUTOMATION TOOLKITS PUBLIC CLOUD PROVIDERS PRIVATE CLOUD AND OPEN-SOURCE PLATFORMS MICROSERVICES IN CONTAINER ENVIRONMENTS
Automation Platform Cloud Infrastructure
Novinky F5 pro rok 2018

Recomendados

Lior rotkovitch ASM WAF unified learning – building policy with asm v12
Lior rotkovitch ASM WAF unified learning – building policy with asm v12Lior rotkovitch ASM WAF unified learning – building policy with asm v12
Lior rotkovitch ASM WAF unified learning – building policy with asm v12Lior Rotkovitch
 
Novinky F5
Novinky F5Novinky F5
Novinky F5MarketingArrowECS_CZ
 
Taking the Fear out of WAF
Taking the Fear out of WAFTaking the Fear out of WAF
Taking the Fear out of WAFBrian A. McHenry
 
F5 Web Application Security
F5 Web Application SecurityF5 Web Application Security
F5 Web Application SecurityMarketingArrowECS_CZ
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS ProtectionMarketingArrowECS_CZ
 
Evolution of WAF - Stop Worrying About Vulnerabilities
Evolution of WAF - Stop Worrying About VulnerabilitiesEvolution of WAF - Stop Worrying About Vulnerabilities
Evolution of WAF - Stop Worrying About VulnerabilitiesBrian A. McHenry
 
F5 ASM v12 DDoS best practices
F5 ASM v12 DDoS best practices F5 ASM v12 DDoS best practices
F5 ASM v12 DDoS best practices Lior Rotkovitch
 
Web Socket ASM support lior rotkovitch
Web Socket ASM support lior rotkovitchWeb Socket ASM support lior rotkovitch
Web Socket ASM support lior rotkovitchLior Rotkovitch
 

Recomendados

Lior rotkovitch ASM WAF unified learning – building policy with asm v12
Lior rotkovitch ASM WAF unified learning – building policy with asm v12Lior rotkovitch ASM WAF unified learning – building policy with asm v12
Lior rotkovitch ASM WAF unified learning – building policy with asm v12Lior Rotkovitch
 
Novinky F5
Novinky F5Novinky F5
Novinky F5MarketingArrowECS_CZ
 
Taking the Fear out of WAF
Taking the Fear out of WAFTaking the Fear out of WAF
Taking the Fear out of WAFBrian A. McHenry
 
F5 Web Application Security
F5 Web Application SecurityF5 Web Application Security
F5 Web Application SecurityMarketingArrowECS_CZ
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS ProtectionMarketingArrowECS_CZ
 
Evolution of WAF - Stop Worrying About Vulnerabilities
Evolution of WAF - Stop Worrying About VulnerabilitiesEvolution of WAF - Stop Worrying About Vulnerabilities
Evolution of WAF - Stop Worrying About VulnerabilitiesBrian A. McHenry
 
F5 ASM v12 DDoS best practices
F5 ASM v12 DDoS best practices F5 ASM v12 DDoS best practices
F5 ASM v12 DDoS best practices Lior Rotkovitch
 
Web Socket ASM support lior rotkovitch
Web Socket ASM support lior rotkovitchWeb Socket ASM support lior rotkovitch
Web Socket ASM support lior rotkovitchLior Rotkovitch
 
F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0MarketingArrowECS_CZ
 
Bezpečnostní architektura F5
Bezpečnostní architektura F5Bezpečnostní architektura F5
Bezpečnostní architektura F5MarketingArrowECS_CZ
 
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanWAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanLior Rotkovitch
 
F5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsF5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsDenis Kolegov
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk managementAEC Networks
 
The WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitchThe WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitchLior Rotkovitch
 
F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.Kapil Sabharwal
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Deivid Toledo
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
 
GDPR v pojetí F5
GDPR v pojetí F5GDPR v pojetí F5
GDPR v pojetí F5MarketingArrowECS_CZ
 
F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017Guy Brown
 
The DNS Tunneling Blindspot
The DNS Tunneling BlindspotThe DNS Tunneling Blindspot
The DNS Tunneling BlindspotBrian A. McHenry
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...solarisyourep
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat ServicesChessBall
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackCloudflare
 
F5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transitionF5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transitionDmitry Tikhovich
 
F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection Lior Rotkovitch
 
F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1DSorensenCPR
 
F5 TLS & SSL Practices
F5 TLS & SSL PracticesF5 TLS & SSL Practices
F5 TLS & SSL PracticesBrian A. McHenry
 
Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12Jim Kaplan CIA CFE
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 

Más contenido relacionado

La actualidad más candente

WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanWAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanLior Rotkovitch
 
F5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsF5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsDenis Kolegov
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk managementAEC Networks
 
The WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitchThe WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitchLior Rotkovitch
 
F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.Kapil Sabharwal
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Deivid Toledo
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshowpatmisasi
 
F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017Guy Brown
 
The DNS Tunneling Blindspot
The DNS Tunneling BlindspotThe DNS Tunneling Blindspot
The DNS Tunneling BlindspotBrian A. McHenry
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reportervfmindia
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...solarisyourep
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat ServicesChessBall
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackCloudflare
 
F5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transitionF5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transitionDmitry Tikhovich
 
F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection Lior Rotkovitch
 
F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1DSorensenCPR
 

La actualidad más candente (20)

F5 TMOS v13.0
F5 TMOS v13.0F5 TMOS v13.0
F5 TMOS v13.0
 
Bezpečnostní architektura F5
Bezpečnostní architektura F5Bezpečnostní architektura F5
Bezpečnostní architektura F5
 
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 cleanWAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
WAF ASM / Advance WAF - Brute force lior rotkovitch f5 sirt v5 clean
 
F5 BIG-IP Misconfigurations
F5 BIG-IP MisconfigurationsF5 BIG-IP Misconfigurations
F5 BIG-IP Misconfigurations
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
 
The WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitchThe WAF book intro protection elements v1.0 lior rotkovitch
The WAF book intro protection elements v1.0 lior rotkovitch
 
F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.F5 BigIP LTM Initial, Build, Install and Licensing.
F5 BigIP LTM Initial, Build, Install and Licensing.
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)
 
F5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 RoadshowF5 Synthesis Toronto February 2014 Roadshow
F5 Synthesis Toronto February 2014 Roadshow
 
GDPR v pojetí F5
GDPR v pojetí F5GDPR v pojetí F5
GDPR v pojetí F5
 
F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017F5 Meetup presentation automation 2017
F5 Meetup presentation automation 2017
 
The DNS Tunneling Blindspot
The DNS Tunneling BlindspotThe DNS Tunneling Blindspot
The DNS Tunneling Blindspot
 
Vfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporterVfm bluecoat proxy sg solution with web filter and reporter
Vfm bluecoat proxy sg solution with web filter and reporter
 
Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...Presentation network design and security for your v mware view deployment w...
Presentation network design and security for your v mware view deployment w...
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat Services
 
What You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS AttackWhat You Should Know Before The Next DDoS Attack
What You Should Know Before The Next DDoS Attack
 
F5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transitionF5 EMEA Webinar Oct'15: http2 how to ease the transition
F5 EMEA Webinar Oct'15: http2 how to ease the transition
 
F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection F5 SIRT - F5 ASM WAF - DDoS protection
F5 SIRT - F5 ASM WAF - DDoS protection
 
F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1F5 Offers Advanced Web Security With BIG-IP v10.1
F5 Offers Advanced Web Security With BIG-IP v10.1
 
F5 TLS & SSL Practices
F5 TLS & SSL PracticesF5 TLS & SSL Practices
F5 TLS & SSL Practices
 

Similar a Novinky F5 pro rok 2018

Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionAlert Logic
 
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Codecamp Romania
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec TrainingMike Spaulding
 
Scalable threat modelling with risk patterns
Scalable threat modelling with risk patternsScalable threat modelling with risk patterns
Scalable threat modelling with risk patternsStephen de Vries
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101Cloudflare
 
Threat modeling with architectural risk patterns
Threat modeling with architectural risk patternsThreat modeling with architectural risk patterns
Threat modeling with architectural risk patternsStephen de Vries
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionAlert Logic
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveBenedek Menesi
 
5 step plan to securing your APIs
5 step plan to securing your APIs5 step plan to securing your APIs
5 step plan to securing your APIs💻 Javier Garza
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSebastien Deleersnyder
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Hackers versus Developers and Secure Web Programming
Hackers versus Developers and Secure Web ProgrammingHackers versus Developers and Secure Web Programming
Hackers versus Developers and Secure Web ProgrammingAkash Mahajan
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012DaveEdwards12
 
Get Ready for Web Application Security Testing
Get Ready for Web Application Security TestingGet Ready for Web Application Security Testing
Get Ready for Web Application Security TestingAlan Kan
 
Jan 2008 Allup
Jan 2008 AllupJan 2008 Allup
Jan 2008 Allupllangit
 
Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksHarry Gunns
 
Application Security-Understanding The Horizon
Application Security-Understanding The HorizonApplication Security-Understanding The Horizon
Application Security-Understanding The HorizonLalit Kale
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityColin English
 

Similar a Novinky F5 pro rok 2018 (20)

Cybersecurity update 12
Cybersecurity update 12Cybersecurity update 12
Cybersecurity update 12
 
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload ProtectionReducing Your Attack Surface & Your Role in Cloud Workload Protection
Reducing Your Attack Surface & Your Role in Cloud Workload Protection
 
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
Iasi code camp 12 october 2013 ana tudosa - challenges in implementing and ...
 
Bank One App Sec Training
Bank One App Sec TrainingBank One App Sec Training
Bank One App Sec Training
 
Scalable threat modelling with risk patterns
Scalable threat modelling with risk patternsScalable threat modelling with risk patterns
Scalable threat modelling with risk patterns
 
Cyber Security 101
Cyber Security 101Cyber Security 101
Cyber Security 101
 
Threat modeling with architectural risk patterns
Threat modeling with architectural risk patternsThreat modeling with architectural risk patterns
Threat modeling with architectural risk patterns
 
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload ProtectionReducing Your Attack Surface and Yuor Role in Cloud Workload Protection
Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection
 
Microsoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's PerspectiveMicrosoft365 from a Hacker's Perspective
Microsoft365 from a Hacker's Perspective
 
5 step plan to securing your APIs
5 step plan to securing your APIs5 step plan to securing your APIs
5 step plan to securing your APIs
 
Solvay secure application layer v2015 seba
Solvay secure application layer v2015 sebaSolvay secure application layer v2015 seba
Solvay secure application layer v2015 seba
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)
 
Hackers versus Developers and Secure Web Programming
Hackers versus Developers and Secure Web ProgrammingHackers versus Developers and Secure Web Programming
Hackers versus Developers and Secure Web Programming
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012
 
Get Ready for Web Application Security Testing
Get Ready for Web Application Security TestingGet Ready for Web Application Security Testing
Get Ready for Web Application Security Testing
 
Jan 2008 Allup
Jan 2008 AllupJan 2008 Allup
Jan 2008 Allup
 
Cloud Security Primer - F5 Networks
Cloud Security Primer - F5 NetworksCloud Security Primer - F5 Networks
Cloud Security Primer - F5 Networks
 
Application Security-Understanding The Horizon
Application Security-Understanding The HorizonApplication Security-Understanding The Horizon
Application Security-Understanding The Horizon
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 

Más de MarketingArrowECS_CZ

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfMarketingArrowECS_CZ
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!MarketingArrowECS_CZ
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?MarketingArrowECS_CZ
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaMarketingArrowECS_CZ
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceMarketingArrowECS_CZ
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeMarketingArrowECS_CZ
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle softwareMarketingArrowECS_CZ
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?MarketingArrowECS_CZ
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoMarketingArrowECS_CZ
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. částMarketingArrowECS_CZ
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. částMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageMarketingArrowECS_CZ
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částMarketingArrowECS_CZ
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částMarketingArrowECS_CZ
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyMarketingArrowECS_CZ
 

Más de MarketingArrowECS_CZ (20)

INFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdfINFINIDAT InfiniGuard - 20220330.pdf
INFINIDAT InfiniGuard - 20220330.pdf
 
Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!Využijte svou Oracle databázi na maximum!
Využijte svou Oracle databázi na maximum!
 
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?Jak konsolidovat Vaše databáze s využitím Cloud služeb?
Jak konsolidovat Vaše databáze s využitím Cloud služeb?
 
Chráníte správně svoje data?
Chráníte správně svoje data?Chráníte správně svoje data?
Chráníte správně svoje data?
 
Oracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management PlatformaOracle databáze – Konsolidovaná Data Management Platforma
Oracle databáze – Konsolidovaná Data Management Platforma
 
Nové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database ApplianceNové vlastnosti Oracle Database Appliance
Nové vlastnosti Oracle Database Appliance
 
Infinidat InfiniGuard
Infinidat InfiniGuardInfinidat InfiniGuard
Infinidat InfiniGuard
 
Infinidat InfiniBox
Infinidat InfiniBoxInfinidat InfiniBox
Infinidat InfiniBox
 
Novinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databázeNovinky ve světě Oracle DB a koncept konvergované databáze
Novinky ve světě Oracle DB a koncept konvergované databáze
 
Základy licencování Oracle software
Základy licencování Oracle softwareZáklady licencování Oracle software
Základy licencování Oracle software
 
Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?Garance 100% dostupnosti dat! Kdo z vás to má?
Garance 100% dostupnosti dat! Kdo z vás to má?
 
Využijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplnoVyužijte svou Oracle databázi naplno
Využijte svou Oracle databázi naplno
 
Oracle Data Protection - 2. část
Oracle Data Protection - 2. částOracle Data Protection - 2. část
Oracle Data Protection - 2. část
 
Oracle Data Protection - 1. část
Oracle Data Protection - 1. částOracle Data Protection - 1. část
Oracle Data Protection - 1. část
 
Benefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): StorageBenefity Oracle Cloudu (4/4): Storage
Benefity Oracle Cloudu (4/4): Storage
 
Benefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): ComputeBenefity Oracle Cloudu (3/4): Compute
Benefity Oracle Cloudu (3/4): Compute
 
InfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníkaInfiniBox z pohledu zákazníka
InfiniBox z pohledu zákazníka
 
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. částExadata z pohledu zákazníka a novinky generace X8M - 2. část
Exadata z pohledu zákazníka a novinky generace X8M - 2. část
 
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. částExadata z pohledu zákazníka a novinky generace X8M - 1. část
Exadata z pohledu zákazníka a novinky generace X8M - 1. část
 
Úvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastrukturyÚvod do Oracle Cloud infrastruktury
Úvod do Oracle Cloud infrastruktury
 

Último

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 

Último (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 

Novinky F5 pro rok 2018

  • 1. Novinky F5 Filip Kolář, Sales Manager F5, ČR Radovan Gibala, Presales Engineer F5, ČR
  • 3.
  • 4.
  • 5.
  • 7. YOUR DATA HAS VALUE “In 429 reported breaches studied between 2005 and 2017, attackers have profited $2.75 billion.” F5 Labs Research APPLICATIONS ARE THE BUSINESS
  • 8. Web App Attacks are the #1 Source of Data Breaches 1% 2% 4% 5% 9% 11% 11% 14% 15% 29% 0% 5% 10% 15% 20% 25% 30% 35% Denial of Service Crimeware Physical Theft and Loss Payment Card Skimmers Everything Else Point of Sale Miscellaneous Errors Privilege Misuse Cyber-Espionage Web App Attacks 29% 2017 Verizon Data Breach Investigations Report ”Web Application Attacks remains the most prevalent” “Use of stolen credentials against web applications was the dominant hacking tactic“
  • 9.
  • 10. “Ransomware Surges Again As Cybercrime-as-Service Becomes Mainstream for Crooks” ZD Net “Russian Hackers Selling Login Credentials of UK Politicians, Diplomats ‒ Report” The Register “Rent-a-Botnet Services Making Massive DDoS Attacks More Common Than Ever Before” PC World “IoT Botnets Are Growing ‒ and Up for Hire” MIT Technology Review “Attacker Demands Ransom After Series of DDoS Attacks on Poker Site” Hack Read “Hacked Yahoo Data Is for Sale on Dark Web” New York Times “93% of breaches in 2016 involved organised crime” Source: Verizon 2017 Data Breach Investigations Report
  • 11. APP SERVICES ACCESS TLS DNS NETWORK CLIENT THE APPLICATION IS THE GATEWAY TO DATA Understand the application
  • 12. CLIENT Man-in-the-browser Session hijacking Malware Cross-site scripting Cross-site request forgery DNS hijacking DNS spoofing DNS cache poisoning Man-in-the-middle Dictionary attacks DDoS DNS Eavesdropping Protocol abuse Man-in-the-middle DDoS NETWORK Certificate spoofing Protocol abuse Session hijacking Key disclosure DDoS TLS Credential theft Credential stuffing Session hijacking Brute force Phishing ACCESS API attacks Injection Abuse of functionality Man-in-the-middle DDoS Malware Cross-site scripting Cross-site request forgery APP SERVICES
  • 13. REPORTS ARTICLES BLOGS “IoT Devices are the Latest Minions in Cyber Weaponry Toolkits” “Mirai: The IoT Bot That Took Down Krebs and Launched a Tbps Attack on OVH” “IoT Threats: A First Step into a Much Larger World of Mayhem” Search by topic, type, tag, and author. F5Labs.com Visit Us at F5Labs.com
  • 14. Intel  Action “Hackers Are Going Phishing In An Overstocked Pond” “Applications are the Targets, Identities are the Exploit Key” “DDoS is Plug and Play at Rates your Network Can’t Sustain” TECHNICAL IDENTITY APPLICATION Administrative Recommendation: Define your DDoS strategy: on-premises, hybrid, or cloud? Identity Recommendation: Implement ID federation and multi-factor authentication (MFA). Administrative Recommendation: Train your entire staff on phishing regularly. Technical Recommendation: Implement a WAF to bridge the gap between detection and remediation. Application Recommendation: Automated vulnerability remediation with a WAF. Preventative Recommendation: Implement MFA to ensure compromised credentials don’t compromise your app! ADMINISTRATIVE PREVENTATIVEADMINISTRATIVE
  • 15. Application Threat Intelligence Free to the public at Client-Side Attacks Malware Ransomware Man-in-the-browser Session hijacking Cross-site request forgery Cross-site scripting DDoS Attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplification Heavy URL App Infrastructure Attacks Man-in-the-middle Key disclosure Eavesdropping DNS cache poisoning DNS spoofing DNS hijacking Protocol abuse Dictionary attacks Web Application Attacks API attacks Cross-site scripting Injection Cross-site request forgery Malware Abuse of functionality Man-in-the-middle Credential theft Credential stuffing Phishing Certificate spoofing Protocol abuse f5labs.com
  • 16. DDoS Attacks Ransomware Web Fraud Credential Stuffing Malware Phishing Malicious Bots
  • 17.
  • 18. of Internet traffic is automated of 2016 web application breaches involved the use of bots 98.6M bots observed Source: Internet Security Threat Report, Symantec, April 2017
  • 19. Client-Side Attacks Malware Ransomware Man-in-the-browser Session hijacking Cross-site request forgery Cross-site scripting DDoS Attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplification Heavy URL App Infrastructure Attacks Man-in-the-middle Key disclosure Eavesdropping DNS cache poisoning DNS spoofing DNS hijacking Protocol abuse Dictionary attacks Web Application Attacks API attacks Cross-site scripting Injection Cross-site request forgery Malware Abuse of functionality Man-in-the-middle Credential theft Credential stuffing Phishing Certificate spoofing Protocol abuse Acommon source of many threat vectors Malware Ransomware Man-in-the-browser Cross-site scripting Dictionary attacks SYN, UDP, and HTTP floods SSL renegotiation DNS amplication Heavy URL API attacks Cross-site scripting Injection Malware Abuse of functionality Credential stuffing Phishing
  • 20. Application Threat Intelligence Reaper panic The latest thingbot making press waves was predicted in "The Hunt for IoT" volume 3
  • 21. Web Scraping Protection Pro-Active Bot Prevention L7 DoS WAF SOLUTION PROBLEM Behavioural analysis to identify malicious bots
  • 22. © F5 Networks, Inc 22 Proactive Bot Defense and Bot Signature
  • 23. © F5 Networks, Inc 23 PBD - Client side integrity defense - flow User Browser DoS Profile App First main page access HTTP Request (no cookie) Computational challenge Solve challenge/ set cookie with time stamp HTTP Request (cookie) Reconstruct request Original HTTP Request HTTP Response (main page) HTTP Response (main page) More object requests (cookie) Validate cookie: format & time stamp More object requests More responses More responsesDeliver page
  • 24. © F5 Networks, Inc 24 Bots that simulate browsers Web Server I’m a Bot that simulate browser ASM: ok, what are your capability ? If you will not answer right you will have to answer a CAPTCHA No you are not, bye bye -> block this guy. DNS Server Bummer Capability ? CATPCHA ?
  • 25. © F5 Networks, Inc 25 Client Capabilities -challenge script flow User Browser DoS Profile App First request GET /sell.php GET /sell.php (no cookie) Client Capabilities Challenge response Return Client Capabilities verification Reconstruct request HTTP Response (cookie) HTTP Response GET /img.png (cookie) Blank page & Set cookie Original HTTP Request + cookie 1. Authenticate and decrypted JS results, 2. Compute browser score based on result 3. Determine an action based on score GET /img.png (cookie) Validate cookie: format & time stamp
  • 26. © F5 Networks, Inc 26 How bots that simulate browsers are evaluated and scored Evaluating request High Score Pass Low Score Send CAPTCHA and If valid CAPTCHA – Pass Otherwise - Block 0 – 59 – browser 60 – 99 – Unknown 100 – Bot
  • 27. © F5 Networks, Inc 27 • PBD interaction with Bot signature – Benign white list • Identification of browsers discrepancies utilizing I can use and Modernizr databases (updates same time as other attack signatures) • Databases are updated with the ASM attack signatures and the bot signatures • Giving score to browsers and executing relevant actions: • Pass request to the server • CAPTCHA to verify human • Block bots Proactive Bot Defense improvements summary
  • 30.
  • 31. • No prior breach • Dozens of account takeovers left users picking up food bills they never ordered • Unsuspecting victims received receipts via email, after it was too late Fraudsters eat for free as Deliveroo accounts hit by mystery breach
  • 32. 70 MILLION 427 MILLION 150 MILLION 3 BILLION In the last 8 years more than 7.1 billion identities have been exposed in data breaches1 1) Symantec Internet Security Threat Report, April 2017 2) Password Statistics: The Bad, the Worse and the Ugly, Entrepreneur Media 117 MILLION “Nearly 3 out of 4 consumers use duplicate passwords, many of which have not been changed in five years or more”2 3 out of 4
  • 33. USERNAME Credit Card Data USERNAME Intellectual Property USERNAME Healthcare Data USERNAME Passport Data USERNAME Financial Data USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME USERNAME
  • 34. Info on emerging threats What is it? Who does it affect? Protection strategy recommendations Application Threat Intelligence
  • 37. • New Mitigation techniques and actions Distributed Attack and Credential Stuffing detection Confidential
  • 39. 1 4 2 1. User login to application 6 3 5 Auth Server 2. User redirected to authorisation server 3. Authorisation server requires authentication before authorisation 6. User access application 4. User logs in 5. Auth server grants token SOLUTION PROBLEM Token-based authorisation (OAuth)
  • 40. • Improve user experience and registration workflow when logging into new sites • Ability for users to share community content • Improve application API sharing protection • Simplify user access to SaaS apps that support OAuth • APM serves as OAuth client for social login • APM is an authorization delegate for SaaS apps • APM protects and authorizes web services APIs DMZ AAA BIG-IP APM as Client DMZ Enterprise Resources BIG-IP APM as Authorization ServerOAuth Client External Authorization Server
  • 41. • Centralization of authorization & SSO across apps including with non-OIDC enabled apps • Move to industry and App Developer friendly standardization for AuthN/Z across apps • App authorization or customization based on user identity from another Identity Provider • OpenID Connect for Client / Resource Server • Built-in support for Identity Providers: Azure AD, Google, and Ping • OpenID Connect for Authorization Server coming in BIG-IP v14.0 (Flatrock) Release Resource s OAuth 2.0 Client and Resource Server Identity Provider Network (1 ) (2 ) (5 ) (3 ) (7 ) Authorizatio n Server Resources Network (6 ) Any IDP AAA Server (4a ) AAA Server (4b)
  • 42. • Mobile apps access or APIs access without an always-on or connection to the Identity Provider • Scaling for high volume API calls or clients • JWT required with for popular OAuth Identity Providers (i.e. Azure AD) • JWT tokens for APM as OAuth Authorization or Server Client / Resource Server – use digital signatures instead of statefull tokens that need validation • Access and Refresh Tokens (RFC 7519) • JWK (RFC 7517) and Well-known end points • Support for signing JWS (RFC 7515) • Support for asymmetric key rotation • Built-in JWT support for Identity Providers: Azure AD, ADFS, Amazon, F5, FB, Google Any IDP AAA Server (1b) AAA Server (1b) Enterprise Resources BIG-IP APM As Resource Server (RS) (2) (1a) (4) (3) Authorization Server (AS) OAuth Client (1c)
  • 43. • Multi-level applications carry higher risk • Desire to add additional or multi-factor authentication (MFA) to secure parts of apps • Need to re-validate user credentials for certain high security sections of apps • Protects sections of apps with client certificates with validation, MFA providers that use HTTP or RADIUS AAA (DUO, Yubico, RSA SecurID), or local database • Credentials can be checked based on any session variable
  • 44. • Scaling of on-prem MS ADFS for O365, MS on-prem apps, and other apps for federation without large TCO • Device posture checks and use of existing MFA vendor investments • Security concerns with having Windows in DMZ (MS WAP) • Issues with getting MS support previously with APM as ADFS proxy • Proxy for Active Directory Federation Services 3.0 & 4.0 • Replaces the Proxy functionality in Microsoft WAP • Secure access to Office365 from on-premises ADFS • Meets Proxy Integration Protocol (PIP) specifications • F5 APM provides proxy capability for pre-authentication (endpoint inspection and MFA support) enabling scaling of MS ADFS • First PIP implementation outside Microsoft Public Cloud Apps Private Cloud Apps Mobile User Remote User Contractor
  • 45.
  • 46. Volumetric take-downs Consume bandwidth of target Network layer attack Consume connection state tables Application layer Consume application resources 2005 8 Gbps 2013 300 Gbps 2016 1.2 Tbps Source: How DDoS attacks evolved in the past 20 years, BetaNews
  • 47. 1.2 Tbps1 Tbps620 Gbps Mirai DDoS attacks Source: The Hunt for IoT: The Rise of Thingbots, F5 Labs, August 2017
  • 48. Source: Securelist, Kaspersky Lab, March 2017 Low sophistication, high accessibility • Accessible Booters/stressers easy to find • Lucrative Profit margins of up to 95% • Effective Many DDoS victims pay up
  • 49. Critical info on threat source and attack type trends Application Threat Intelligence
  • 50. SOLUTION Customer Cloud Network and App Protection DDoS attacker DMZ Cloud-Based DDoS Mitigation Platform DDoS Hybrid Defender PROBLEM
  • 51. • DDoS attacks are more complex – now multi-vectored • Detection of complex multi-vectored attacks is limited with static/single dimensional vectors • Aggregate Rate-limiting “catches” good traffic with bad • Per-SrcIP ineffective with spoofed IP’s or “wide” botnet attacks • Attack detection in both inline and out-of-band deployments • Sub-second attack detection • Detects anomalies compared against historical baseline • Statistical method baselines 3,000+ L3/4 metrics • Dynamically generates “signatures” (vectors) upon attack detection • On-demand/real-time “signature” creation and sharing • Targeted “signatures” = Low false positive rate • Detect-only mode allows review before enforcement Monitor and Baseline L3/L4 AFM
  • 52. Per-App (VS) Auto-Thresholding and SrcIP Awareness • Administrators have difficulty determining correct static thresholds for DDoS • Normal traffic patterns change as applications evolve and administrators are unable to keep up • There is difficulty in distinguishing between “good guys” (legitimate traffic) and “bad actors” (threats) • Computes thresholds automatically for all 120+ DDoS vectors or only selected vectors • Thresholds are continuously adjusted based on changes in traffic patterns • “What-If” mode available, with report-only and no drops • Per-SrcIP awareness available on every vector • Significantly reduces human involvement and errors resulting in greater DDoS accuracy and lower operational impact
  • 53. L7 DDoS Threshold Auto-Tuning • Determining appropriate DDoS thresholds is difficult • Ensuring DDoS threshold accuracy as traffic patterns change is a challenge • Simplifies DDoS threshold settings configuration • Safeguards accuracy of DDoS threshold settings as traffic patterns change • Analyzes measured resource usages and automatically establishes threshold values based on historic normalized traffic behavior • Thresholds can be automatically established per DeviceID, Source IP, URL and site wide, automatically adjusting to continuously strengthen attack responses • Drives efficiency, accuracy and control • Strengthens defense policies for greater application protection
  • 55. © F5 Networks, Inc 55 Rate Limit to Protect the Server Detect and Block Bots and Bad Actors Create and Enforce Dynamic Signatures Analyze Application Stress and Continually Tune Mitigations. Start of Attack Identify Attackers Advanced Attacks Persistent Attacks Multiple Layers of Protection Even basic attacks can take an unprotected server down quickly. Persistent attackers will adjust tools, targets, sources and attack volume to defeat static DOS defenses. The f5 approach protects the server from the first moment of the attack and then analyzes the attack tools, sources and patterns to refine mitigations. These sophisticated protections maximize application availability while minimizing false positives.
  • 56. © F5 Networks, Inc 56 Frequency(PPS) Browser Types TTL SRC-IP lower DstPort Chrome Firefox IE/Cortana Safari Opera Other L3/L4 Predicates t0 URI Referrer # Headers Other L7 Predicates Server Health
  • 57. © F5 Networks, Inc 57 Frequency(PPS) Browser Types TTL SRC-IP lower DstPort Chrome Firefox IE/Cortana Safari Opera Server Health Other L3/L4 Predicates URI Referrer # Headers Other L7 Predicates Max (Chrome) Load (EPS) Chrome Firefox IE / Cortana Safari Opera Threshold Min (Chrome) Max (Chrome) Load (EPS) Threshold Min (Chrome) VR-N VR-A VR-B VR-C VR-D Max (Chrome) Load (EPS) Threshold Min (Chrome) VR-N VR-A VR-B VR-C VR-D
  • 59.
  • 60. In the first quarter of 2017, a new specimen of malware emerged every 4.2 seconds 1 in every 131 emails included malware in 2016 of all breaches in 2016 involved some form of malware Sources: 1) Malware trends 2017, G DATA Software 2) Symantec Internet Security Threat Report, April 2017 3) WannaCry Update, Rapid7 Blog, May 2017 4.2 seconds 1 in every 131 Over half (51%)
  • 61. Use our research to learn about new types of malware Application Threat Intelligence
  • 62. Injects into running processes Hooks functions inside Windows DLLs MitM – sends credentials to command and control center
  • 64. Drop zone Mobile Field Name Encryption AJAX JSON Hacker Bots DataSafe Encryption Users credentials 088373be1 = user 0x8xb28 = 12345 User = user Password = 12345 App-level encryption No Client or Impact to users Stolen credential cannot be re-used No app updates required Goes beyond TLS/SSL
  • 65. What Are The Problems and Solutions? Sales have challenges in positioning subscriptions Existing sale model require registered users MiTB stealing credentials MiTM attacks What We Will Offer: Perpetual License Perpetual license, this is what sales are used to sell, easily add-on to any other product Message Level Encryption Encrypt sensitive fields such as password, similar to what we offer with WebSafe Add-on Module Add-on to any TMOS based platform, No user count, Price based on Platform 1 2 3
  • 66.
  • 68. ANTI- DDoS APP INFRASTRUCTURE ANTI-DDoS DNSTLS/SSL ADVANCED WEB APPLICATION FIREWALL Web Application Attacks App Infrastructure Attacks DDoS Attacks Client-Side Attacks ANTI-DDoS BOT DEFENSE CREDENTIAL PROTECTION WEB ACCESS MANAGEMENT WAF IDENTITY ACCESS MGMT IAM DDoS Hybrid Defender Advanced WAF Access Management SSL Orchestrator
  • 69. Key Benefits: • Protects Web and mobile apps from exploits, bots, theft, app-layer DoS • Prevent malware from stealing data and credentials • Prevent Brute Force attacks that use stolen credentials • Eliminate time-consuming manual tuning for App-layer DoS protection Defend against bots • Proactive bot defense • Anti-bot mobile SDK • Client and server monitoring Protect apps from DoS • Auto-tuning • Behavioral analytics • Dynamic signatures Prevent Account Takeover • App-level encryption • Mobile app tampering • Brute Force protection Mobile Bot Mitigation Credential Protection App-Layer DoS Hacker Anti-bot Mobile SDK Bots F5 Advanced WAF Users credentials
  • 70. Key F5 Advantages ✓ Bot Protection ✓ Account Takeover ✓ App-Layer DoS Bot protection beyond signatures and reputation ✓ Web and mobile app protection ✓ Client fingerprinting ✓ Server performance monitoring Account Takeover that stops credential theft and abuse ✓ Application Layer Encryption ✓ Obfuscation and evasion detection ✓ Comprehensive Brute Force mitigation App-Layer DoS that adapts to changing apps ✓ Real-time application baselines ✓ Behavioral analysis with machine learning ✓ Dynamic signatures with low false positives
  • 71. F5 Networks Positioned as a Leader in 2017 Gartner Magic Quadrant for Web Application Firewalls* F5 is highest in execution within the Leaders Quadrant. * Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D’Hoinne, Adam Hils, Claudio Neiva, 7 August 2017
  • 72. ASM Současná funkcionalita ASM L7 DDoS (BaDos Limited) Advanced Bot Protection WAFBase ADC
  • 73. F5 Advanced WAF Současná funkcionalita ASM Nové služby obsažené v Advanced WAF L7 DDoS (BaDos Limited) Advanced Bot Protection WAFBase ADC BaDoS Unlimited DataSafe Upstream Signaling Bot Mobile SDK Advanced WAF licence Licenční add-on k Advanced WAF
  • 75.
  • 78.
  • 79. FY2017 FY2018 BIG-IP i2600 / i2800 BIG-IP i4600 / i4800 BIG-IP i76000 / i7800 BIG-IP i5600 / i5800 BIG-IP i10600 / i10800 BIG-IP i10600 / i10800Herculon-DHD F5 DHD DHD on selected hardware DHD on all BIG-IP hardware and VE Viprion 4480/4800
  • 80.
  • 82. K 1M 2M 3M 4M 5M 6M 7M 8M 9M 10M BIG-IP i2000 Series BIG-IP i4000 Series BIG-IP i5000 Series BIG-IP i7000 Series BIG-IP i10000 Series BIG-IP i11000 Series BIG-IP i15000 Series VIPRION 2200 + 2x B2250 VIPRION 2400 + 4x B2250 VIPRION 4480 + 4x B4450 VIPRION 4800 + 8x B4450 VIPRION 2400 8M L7 RPS 4M L4 CPS 320G L7/L4 TPUT VIPRION 4800 40M L7 RPS 23.2M L4 CPS 1120/1120 G L7/L4 TPUT Scalability and Performance of F5 Systems Flexible Performance Levels and On-demand Scalability BIG-IP i15600/i15800 10M L7 RPS 4.2M L4 CPS 160G/320G L7/L4 TPUT BIG-IP i2600 / i2800 560K L7 RPS 250K L4 CPS 10G L7/L4 TPUT BIG-IP i4600 / i4800 1.1M L7 RPS 500K L4 CPS 20G L7/L4 TPUT BIG-IP i76000 / i7800 3.0M L7 RPS 1.1M L4 CPS 40G/80G L7/L4 TPUTBIG-IP i5600 / i5800 1.8M L7 RPS 800K L4 CPS 35G /60G L7/L4 TPUT L7 RPS (inf-inf) BIG-IP i10600 / i10800 3.5M L7 RPS 1.5M L4 CPS 80G/160G L7/L4 TPUT BIG-IP i11600 / i11800 5.5M L7 RPS 2.5M L4 CPS 80G/160G L7/L4 TPUT VIPRION 2200 4M L7 RPS 2M L4 CPS 160G L7/L4 TPUT VIPRION 4480 20M L7 RPS 11.6M L4 CPS 560/560 L7 /L4 TPUT
  • 83. © F5 Networks, Inc 84 iSeries TurboFlex Enhancement • GUI for selecting which TurboFlex profile to use • New features in TurboFlex Security Profile • Multiple DoS vector lookups (multi-layer attack mitigation) • Custom DoS Signatures In HW (Behavioral DoS) that provides dynamically programmable of HW signatures • Transparent L2 forwarding
  • 85. © F5 Networks, Inc 86
  • 86.
  • 87. © F5 Networks, Inc 88 L4-L7 WAFKritické aplikace DevOps Flexibilní licencování Automatizace Klíčové komponenty pro cloud
  • 88. © F5 Networks, Inc 89 Flexibilní licencování od F5 – porovnání
  • 89. • Deep technical expertise • Global footprint • Rapid resolution to issues • Monitoring tools and AskF5 • ISO 9001: 2008 BIG-IP Virtual Edition subscription SKUs • ELA compatible VE visions V11.4 forward • New versions will be added as available Premier Support Included in PriceProducts Covered GBB Level 25M 200M 1G 3G 5G 10G Good ● ● ● ● ● ● Better ● ● ● ● ● ● Best ● ● ● ● ● ● * - Maximum user license # - 250K / 1M License – End of Jan. 2018 Standalone Modules 25M 200M 1G 3G 5G 10G BIG-IP ASM ● ● ● BIG-IP AFM ● ● ● ● ● ● BIG-IP APM* ● ● BIG-IP DNS # 250K 1M Per-App VE 25M 200M BIG-IP LTM ● ● BIG-IP ASM ● ●
  • 90. Significantly Reduce Your Initial Investments With Subscriptions 0 1 2 3 4 5 TotalInvestment Years Significantly Increase Ability To Support Your Apps With The Same Budget 16 18 37 40 44 93 $300K $500K $700K VE Version + VE Subscription 1G GOOD 1G BEST 1G BETTER More Than 3 Years Of Savings ~2.5X VEs With Subscription
  • 91. F5 licence dostupné na Azure Market Place © 2017 F5 Networks 19
  • 92.
  • 93. DEVELOP Source : F5 SOAD 2018Q. How is digital transformation influencing your application decisions? Select all that apply DEPLOY DELIVER IT’S CHANGING HOW WE DEVELOP APPS (MOVING TO AGILE) WE’RE USING AUTOMATION AND ORCHESTRATION ACROSS IT WE’RE MOVING TO DELIVER MORE APPS FROM THE PUBLIC CLOUD
  • 94.
  • 97.
  • 98. Packaged and Priced for Per-Application Deployments Core Other Apps (e.g. Analytics/Business Intelligence, Digital Marketing) 48% Back Office Content Communications Collaboration 32% % of Budget Spent 12% 8% Source: Gartner Enterprise Software Forecast (June 2017) and F5 analysis • Supports 1 VIP (3-Virtual Servers) • Available Services: LTM and WAF • 25Mbps and 200Mbps Instances • TMOS v13.1.0.2 and above • Licensing using Big-IQ License Manager (included) • Consistent App Services across IT • Pricing starting at $395* (*- VE Subscription/ELA) Per-App Virtual Edition L7 Traffic Mgmt and Security (LTM, ASM) F5 BIG-IQ License Manager App N – 200M App 2 – 200M App 1 – 25M
  • 99. Per-App VE# VE# # of Applications Supported 1 Virtual IP* & 3 virtual servers No Limit App Services • LTM • WAF GBB (all app services) Throughput Instances 25M, 200M 25M, 200M, 1G, 3G, 5G, 10G Consumption Models Subscription, ELA, Perpetual Subscription, ELA, Perpetual, PAYG Code base (TMOS) Same Ecosystem Support (Private Cloud, Container Integration) Same (* - 1 wild-card included in Virtual IP)# - Open VMware tool & Advanced WAF with 13.1.0.2 release
  • 100. Up to 75% Off Standard BIG-IP VE List Prices Supports Broader F5 Usage In Enterprise App Infrastructures
  • 101.