Más contenido relacionado La actualidad más candente (20) Similar a F5's IP Intelligence Service (20) F5's IP Intelligence Service2. 2
Security Challenges
A Denial of Service tool…
54%
of hacking breaches
using SSL/TLS showed the
potential for an everyday laptop
in larger organizations on an average connection to
occur happen at the take down an enterprise web
web application server
Anonymous proxies… have
We still see Threat detection today… hinges on two steadily increased, more than
elements: identifying suspicious activity quadrupling in number as
SQL Injection
among billions of data points, and compared to three years ago.
as a choice point of
entry for attacker refining a large set of suspicious
incidents down to those that matter
The most significant change we saw in 2011 was
the rise of “hacktivism” against larger
organizations worldwide
© F5 Networks, Inc.
3. 3
The Shift To The Intelligent Network
We want to leverage the We need to approach Users expect a better
traffic data security different experience
Traffic Data Personalized
Evolving Threats Experience
© F5 Networks, Inc.
4. 4
IP Intelligence
Reputation Scanners
Deny access to infected IPs Probes, scans, brute force
Windows Exploits Denial of Service
Known distributed IPs DoS, DDoS, Syn flood
Web Attacks Phishing Proxies
IPs used for SQL Injection, CSRF Phishing sites host
BotNets Anonymous Proxies
Infected IPs controlled by Bots Anon services, Tor
© F5 Networks, Inc.
5. 5
IP Intelligence: Defend Against Malicious
Activity and Web Attacks
Enhance automated application delivery
We need to approach
decisions adding better intelligence and stronger
security different
security based on context.
Layer of IP threat protection delivers context to
identify and block IP threats using a dynamic data
set of high-risk IP addresses.
Visibility into threats from multiple sources
leverages a global threat sensor network
Deliver intelligence in a simple way reveals
inbound and outbound communication
Evolving Threats Real-time updates keep protection at peak
performance refreshing database every five
minutes.
© F5 Networks, Inc.
6. 6
IP Intelligence
How it works
• Fast IP update of malicious activity
• Global sensors capture IP behaviors
• Threat correlation reviews/ blocks/ releases
Key Threats Sensor Techniques
Semi-open Proxy Farms
Web Attacks
Exploit Honeypots
Reputation
Windows Exploits Naïve User Simulation
Botnets
Web App Honeypots
Scanners
Network Attacks Third-party Sources
DNS
© F5 Networks, Inc.
7. 7
IP Intelligence
Identify and allow or block IP addresses with malicious activity
IP Intelligence
Service
?
Internally infected
devices and servers
Scanners
• Use IP intelligence to defend attacks
• Reduce operation and capital expenses © F5 Networks, Inc.
8. 8
BIG-IP Intelligence Service:
Context-based delivery & protection
• Broad-based IP threat intelligence
– Global network of sensors addressing diverse use cases
– Threat IPs are catalogued and tracked indefinitely
• Consolidated platform increases performance and reduces
network costs
– Offload unwanted traffic and block at the edge of network
– Improved network and app performance
• Cloud-based architected
– Paid subscription-based service with 1yr and 3yr licenses
– Real-time continuous updates
• Available throughout all BIG-IP systems
– Configurable in BIG-IP ASM UI
– Accessible from iRules for all BIG-IP solutions
© F5 Networks, Inc.
9. © 2012 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, BIG-IP, ARX, FirePass, iControl, iRules, TMOS,
and VIPRION are registered trademarks of F5 Networks, Inc. in the U.S. and in certain other countries