Upload File

before: servers behind firewalls today: servers migrate out business drivers: e-business supply...

  • Home
  • Documents
  • Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM
27

Upload: alfred-boyd

Post on 02-Jan-2016

219 views

Category:

Documents


1 download

Report

Tags:

TRANSCRIPT

Page 1: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM
Page 2: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Before: Servers Behind Firewalls

Page 3: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Today: Servers Migrate Out

Business drivers:• E-Business• Supply chain management• CRM

Page 4: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Servers Placed in DMZ

Page 5: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Holes Punched in Firewall…

Page 6: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Holes Punched in Firewall…

Page 7: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Internet Facing Servers are at Risk

Page 8: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

And Through Them - Entire Network

Page 9: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Why Are Web Servers Vulnerable?

• Complexity• Mix of software from different vendors• Web masters have administrative privileges

Page 10: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

How Are Web Servers Attacked?

• Code injected through HTTP requests– Typically using a buffer-overflow vulnerability

• Attack used to:– Deface web site

– Install Trojan horse

– Plant backdoors

– Attack deeper into the organization

Page 11: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Attack Scenario

Page 12: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Attack Scenario

Page 13: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Attack Scenario

Page 14: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Attack Scenario

Page 15: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Attack Scenario

Page 16: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Solution: WaveBreaker

Page 17: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

FileSystem

Network Registry Processes

OS Services

IIS

Applications

WaveBreaker Architecture

Page 18: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

WaveBreaker Architecture

WaveBreaker Interception Layer

FileSystem

Network Registry Processes

IIS

Authorizer

Admin console

Page 19: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer

IIS

Authorizer

Admin console

Page 20: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

FileSystem

WaveBreaker Interception Layer

WaveBreaker Architecture

Network Registry Processes

OK

Authorizer

IIS

Admin console

Page 21: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer

IIS

Authorizer

OK

Admin console

Page 22: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer XWaveBreaker Interception Layer X

Authorizer

IIS

WaveBreaker’s performance overhead: Approximately 5%

Admin console

!

Page 23: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

WaveBreaker: Product Highlights

• Intrusion-proof protection for Microsoft®-IIS based applications

• Prevents:– Opening backdoors– Planting Trojan horses– Web site defacement– Attacks deeper into the corporate network

• Attacks are blocked in real-time• Out-of-the-box security schemes provide instant

protection• Easily configurable to support any web application• Security logs alert security administrators of attack

attempts

Page 24: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Simple Management

Page 25: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Full Event Monitoring

Page 26: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Conclusion

• Business drivers and competitive market no longer permit keeping mission critical servers behind firewalls.

• Internet-facing web applications are and will be vulnerable.

• WaveBreaker can provide the shielding needed to deploy internet-facing servers.

Page 27: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM

Thank you.


Secure Internet Servers/Firewalls withbrakmic/doc/secure_servers.pdf · Who should be here today: Security Consultants who want to configure OpenBSD System and Network Administrators

Security Comparing network firewalls to web application firewalls

Firewalls Types of Firewalls

Secure Internet Servers/Firewalls with What you will learn today:

Secure Internet Servers/Firewalls with Internet Servers/Firewalls with Ian F. Darwin What you will learn today: How …

Load Balancing Servers, Firewalls, and Caches - Buch.de · Load Balancing Servers, Firewalls, and Caches Chandra Kopparapu Wiley Computer Publishing John Wiley & Sons, Inc. NEW YORK

Firewalls - csci530l/slides/lab-firewalls-color.pdf · What do these 2 firewalls protect? Windows ... Linux Firewalls , Michael Rash, No Starch Press, 2007 ... lab-firewalls.ppt

Working with Proxy Servers & Application-Level Firewallspeople.ysu.edu/~mawelton/CSIS3755/CSIS 3755 - Chapter 7.pdf · Working with Proxy Servers & Application-Level Firewalls .

Research Article - JESTR · Application level gateway topology. Application level gateways are software application firewalls that operate through proxy servers and proxy clients

Sting: a TCP-based network measurement toolcseweb.ucsd.edu/~savage/papers/Usits99Slides.pdf · packets were lost in each direction. ... Some Web servers/firewalls terminate connections

SIP, Firewalls and NATs Oh My!. SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically

Notes Domino 8.5 STEWBackup and storage topology Other data stores, such as Websphere Portal servers, db2 servers, and WAS servers VPNs, DMZs, firewalls Third-party software (Virus

Securing Communications - Dongseokowon.dongseo.ac.kr/~hjlee/03-AC00.4Securing Communication.pdf · ♦Types of concerns addressed ... – Firewalls/ QoS servers ... Main Source: Stallings

Proxy Servers & Firewalls

+ Architecture, Firewalls and Proxy Servers Networks

Web Security Firewalls, Buffer overflows and proxy servers

Security Testing - · PDF fileSecurity Testing: Step by Step System ... -Firewalls, Routers, Gateways, Switches-Web Servers-Database Servers ... - Windows - Solaris - Linux Viruses

Firewall Suite - Firewall Configuration Guide · The Firewall Configuration Guide provides information about how to configure supported firewalls, proxy servers, and security devices

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 7 Working with Proxy Servers & Application-Level Firewalls By Whitman, Mattord,

Proxy servers-firewalls

GREECE CENTRAL SCHOOL DISTRICT CURRICULUM GUIDEnmhs.sharpschool.net/UserFiles/Servers/Server_90307/File/Migrate/Living Environment...GREECE CENTRAL SCHOOL DISTRICT . Greece Central

Firewalls - Northern Kentucky University · Types of Firewalls . 1. Packet filters (stateless) 2. Stateful firewalls 3. Proxy servers ... Netfilter and IPtables . ... – Passenger

Firewalls - Columbia Universitysmb/classes/f06/l15.pdf · Firewall Advantages Firewalls What’s a Firewall Why Use Firewalls? Tradttional Firewalls by Analogy Should We Fix the Network

Ethernet Design Considerations for Control System … PACs (Process Automation Controllers), FactoryTalk View servers, automation firewalls, and RSLogix 5000 software. The control

Firewalls CS432. Overview What are firewalls? Types of firewalls Packet filtering firewalls Packet filtering firewalls Sateful firewalls Sateful firewalls

CS155 - Firewalls · 1 CS155 - Firewalls Simon Cooper CS155 – Firewalls 22 May 2003

Implementing Firewalls & Proxy Servers - Robert Gezelter Software

ISA 3200 NETWORK SECURITY Chapter 7: Working with Proxy Servers & Application-Level Firewalls

lWebsense Web Security Deployment Guide, v7.0 · Chapter 4: Integration Deployment—overview of deploying Websense software with firewalls, proxy servers, caching applications, network

Firewalls and IDS 1 Firewalls and Intrusion Detection Systems

og NET 4 201anetusa.net/public/documents/SureLog_Fetures.pdfToday's IT operations require many technologies; routers, firewalls, switches, file servers, and applications ... Linux

1 Introduction to firewalls and IDS/IPS. 2 firewalls

IaaS Trends: Migrate Servers to Cloud

Lenovo Servers Help Customers Migrate to 3rd Platform

Proxy Servers, Firewalls, NAT