F5 Networks - Why Legacy Security Systems Are Failing

Post on 16-Jun-2015

DESCRIPTION

Nathan Pearce, Product Manager - EMEA at F5 Networks, spoke at the CIO Event (dot) com

TRANSCRIPT

WHY LEGACY SECURITY SYSTEMS ARE FAILING

Nathan Pearce - @F5NetworksEMEA

Product Manager

Europe, Middle East & Africa

© F5 Networks, Inc.

• MI5 fighting ‘astonishing’ levels of cyber attacks

• “Most senior managers don’t know where their data is”, Varonis

• “Trust No One”, Fox Mulder, The X-Files

Know thine enemy


Unknown Vulnerabilities in Web Apps

Web Application Vulnerabilities as a percentage of all disclosures in 2011 H1

• Unable to find or mitigate vulnerabilities

• Very expensive to fix by recoding

• Difficult to include scanner assessments

• Need assurance that app sec. is deployed properly

Source: IBM X-Force Research and Development

Web Applications: 37 percent

Others: 63 percent


The two faces of hacking

IEEE Spectrum, spectrum.ieee.org

Attacks Are Moving “Up the Stack”

Network Threats

Application Threats

90% of security investment focused here

75% of attacks focused here

L3 Security: DDOS, packet filters, IP protocol validation, fragmentation, checksum, lengths, etc.

L4 Security: TCP protocol validation, lengths, checksum, TCP DOS attacks, etc.

L5/7 Security: Protocol level security of DNS, HTTP, SMTP, SIP etc.

OWASP Top 10

OWASP Top 10 Web Application Security Risks:

1. Injection
2. Cross-Site Scripting (XSS)
3. Broken Authentication and Session Management
4. Insecure Direct Object References
5. Cross-Site Request Forgery (CSRF)
6. Security Misconfiguration
7. Insecure Cryptographic Storage
8. Failure to Restrict URL Access
9. Insufficient Transport Layer Protection
10. Unvalidated Redirects and Forwards

Protection From Top Web App. Vulnerabilities (Open Web Application Security Project)

Source: www.owasp.org


Can I be a hacker?

• Yes

• It's easy

• With free on-line lessons…

How Long to Resolve a Vulnerability?

Website Security Statistics Report


People. Applications. Data.

Application and service delivery

Data center consolidation

GARTNER: 88% of CIOs rate cloud computing a priority in the next 18 months

GARTNER: 70% of IT organizations prefer to deploy servers virtually rather than on hardware


Protect Applications from Threats

Adaptive and unique attack protection

Gain visibility into application sessions

Understand session context and apply policy

Take action and mitigate offending clients

Key Ingredients to Better Security

Scalable

Extensible and Adaptable

Context Awareness

Unified Security Platform

Engaged Community

TMOS

AVAILABLE

SECURE

FAST


devcentral.f5.com

facebook.com/f5networksinc

linkedin.com/companies/f5-networks

twitter.com/f5networks

youtube.com/f5networksinc
