prezentácia programu powerpoint - alef · via javascript on web applications and an sdk on...
TRANSCRIPT
![Page 2: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/2.jpg)
2
Co vás čeká?
• F5 jako několik samostatných řešení
• Kampaně 2020
• Vertikály zákazníků + use case
![Page 4: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/4.jpg)
4
8,5 aplikace za dopoledne
![Page 5: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/5.jpg)
5
Jak vypadá ideální aplikace?
RYCHLÁ A
SVIŽNÁ
VŽDY
DOSTUPNÁ
BOHATÁ
GRAFIKA
BEZPEČNÁ PLNÁ FUNKCÍ
![Page 6: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/6.jpg)
6
![Page 7: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/7.jpg)
7
Odezva aplikace, vysoká dostupnost
Řešení
![Page 8: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/8.jpg)
8
TRAFFIC
MANAGEMENT
![Page 9: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/9.jpg)
9
TRAFFIC
MANAGEMENT
![Page 10: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/10.jpg)
10
V čem je tedy problém?
![Page 11: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/11.jpg)
11
TRAFFIC
MANAGEMENT
![Page 12: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/12.jpg)
12
TRAFFIC
MANAGEMENT
![Page 13: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/13.jpg)
13
TRAFFIC
MANAGEMENT
iRules
![Page 14: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/14.jpg)
14
TRAFFIC
MANAGEMENT
![Page 15: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/15.jpg)
15
TRAFFIC
MANAGEMENT
![Page 16: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/16.jpg)
16
TRAFFIC
MANAGEMENT
![Page 17: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/17.jpg)
17
TRAFFIC
MANAGEMENT
![Page 18: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/18.jpg)
18
Jak to budeme řešit?
![Page 19: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/19.jpg)
19
TRAFFIC
MANAGEMENT
![Page 20: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/20.jpg)
20
TRAFFIC
MANAGEMENT
![Page 21: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/21.jpg)
21
TRAFFIC
MANAGEMENT - 40 %
![Page 22: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/22.jpg)
22
TRAFFIC
MANAGEMENT
![Page 23: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/23.jpg)
23
TRAFFIC
MANAGEMENT
SSL
SSLSSLSSL
SSLSSLSSL SSL
SSL
SSLSSLSSL
SSLSSLSSL
SSL
SSLSSLSSL
SSLSSLSSL
TLS
TLS
TLS
TLSSSL
SSLSSL
![Page 24: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/24.jpg)
24
TRAFFIC
MANAGEMENT
![Page 25: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/25.jpg)
25
TRAFFIC
MANAGEMENT
![Page 26: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/26.jpg)
26
Zvýšení hodnoty
současného HW
Nové možnosti správy provozu
Zrychlení aplikace
Úspora/zvýšení výpočetního
výkonu
LTM
![Page 27: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/27.jpg)
27
Bezpečná aplikace
Řešení
![Page 28: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/28.jpg)
![Page 29: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/29.jpg)
29
SECURITY
aplikací
1/3útoků
72 %útoků
81 %
![Page 30: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/30.jpg)
30
SECURITY
6 min
< 2 hodiny
automatického provozu
50 %
![Page 31: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/31.jpg)
31
Proč nejde prostě blokovat komunikaci všech robotů?
![Page 32: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/32.jpg)
32
SECURITY
C Nelze snadno poznat jejich záměr
![Page 33: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/33.jpg)
33
SECURITY
C
![Page 34: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/34.jpg)
34
SECURITY
Web Hybrid Native
![Page 35: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/35.jpg)
35
SECURITY
![Page 36: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/36.jpg)
OWASP
Top 10
2013 OWASP Top 10
1. Injection
2. Broken authentication and session
management
3. Cross-site scripting (XSS)
4. Insecure direct object references
5. Security misconfiguration
6. Sensitive data exposure
7. Missing function level access control
8. Cross-site request forgery (CSRF)
9. Using components with known
vulnerabilities
10. Unvalidated redirects and forwards
2017 OWASP Top 10
1. Injection
2. Broken authentication
3. Sensitive data exposure
4. XML external entities (XXE)
5. Broken access control
6. Security misconfiguration
7. Cross-site scripting (XSS)
8. Insecure deserialization
9. Using components with known
vulnerabilities
10. Insufficient logging
and monitoring
![Page 37: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/37.jpg)
37
SECURITY
58%
56%
6%
4%
3%
2%
2%
1%
1%
PHP
SQL
Exchweb
Comments
Cart
Betablock
Admin
Affiliates
Login
![Page 38: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/38.jpg)
V posledních 8 letech bylo vyzrazeno více než 7.1 miliard identit
117 mil. 150 mil. 70 mil. 427 mil. 3 miliardy
“Téměř uživatelů používají jedno heslo na více místech a nezměnili jej 5 a více let ”
3 ze 4
137 mil. 144 mil.
![Page 39: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/39.jpg)
39
K čemu jsou útočníkům takové údaje?
![Page 40: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/40.jpg)
40
SECURITY
USERNAME Credit Card
Data
USERNAME Intellectual
Property
USERNAME Healthcare
Data
USERNAME Passport
Data
USERNAME Financial
Data
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
USERNAME
Úspěšnost více než 7 %
![Page 41: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/41.jpg)
41
SECURITY aWAF
![Page 42: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/42.jpg)
42
SECURITY
Behavioral DoS protection
![Page 43: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/43.jpg)
43
SECURITY
Slowloris
![Page 44: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/44.jpg)
44
aWAF
Redukce provozu o
30 %
Prevence násilného zastavení
služby
Neznámé útoky, OWASP
10
Ochrana cenných dat
![Page 45: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/45.jpg)
45
Čas na Shape!
Řešení
![Page 46: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/46.jpg)
Confidential /
About Shape
Protects web & mobile applications from automated attack and abuse
Founded:
Mountain View, California 2011
Patents:
50+ Issued 130+ Pending
Recognised as the fastest growing
company in Silicon Valley (Deloitte, 2018)
Confidential
Customers include:
4 of the top 10 Global Airlines
3 of the top 5 US banks
2 of the top 10 Global Retailers
2 of the top 5 Global Hotel Chains
5 of the top 10 Credit Card Issuers
2 of the top 5 Insurers
Traffic Volume:
1B+ transactions/day
100M real human logins/day
125M mobile devices with Shape SDK
![Page 47: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/47.jpg)
Confidential / / Part of F5
Fraud occurs when criminals act like legitimate users
?
?
?
?
Users
(criminals mixed in with good users)
Web & Mobile Apps
(serve good users & criminals
alike)
Criminals
(not evident until it’s too
late)
To compete today, enterprises must be open to anyone, anywhere, on any device.
Web/Mobile Applications - significant source of fraud.
![Page 48: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/48.jpg)
Confidential
User: logs in with
username & password
Attacker: logs in with
username & password
Challenge: criminals use apps as you intended (no flaws)
Criminals, armed with widely-available tools, can evade technologies like
non-advanced WAF or ineffective techniques like CAPTCHA
![Page 49: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/49.jpg)
ConfidentialConfidential
Part of F5
Value Creation
Leg
en
d
WE SECURE THAT YOUR
APPLICATION USED BY HUMAN AND
NOT BAD BOT‘S
Login
Forgot username/password
Create Account
Credit Card Application
Transfer Loyalty Points
Search
Open API Abuse
….
Shape Business OutcomeAccount Takeover (ATO) Fraud Prevention
Synthetic Identities blocking
Scraper /Aggregator visibility & control
Man-in-the Browser Defense
Manual Fraud at scale detection/ blocking
---
Remove high-friction mechanisms, including
CAPTCHA and multifactor authentication
DETECTION-MONITORING-MITIGATIONIN REALTIME
![Page 50: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/50.jpg)
Confidential /
April May June
6M
5M
4M
3M
2M
1M
0
HUMAN DETECTED & BLOCKED DETECTED & FLAGGEDPOSTS TO /LOGIN EVERY THREE
HOURS
Mitigation Mode (on attacker signatures)
Mitigation Mode (on new sigature)
Attacker Gives Up
Retool Detected in Stage II (update Stage I)Observation Mode (flagging only)
Focus on Retail:
Major online retailer in Asia G2000 (Initial stages of
mitigation)
![Page 51: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/51.jpg)
Confidential / / Part of F5
0 ATOs- Traffic now 1% automated
(not 92%)
- Customer expanded
protection to mobile
Major online G2000 (Continued efficacy @ 18mo+)
![Page 52: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/52.jpg)
Confidential / / Part of F5
Shape is uniquely effective against sophisticated attacks
Professional Automation- Highly motivated and skilled
- Customized bot tools
- Persistent
Amateur Automation- Less motivated and skilled
- Off-the-shelf bot tools (Sentry MBA)
- Terminable
1
2
Scaled Manual Attacks- Mechanical Turks (Human
Sweatshops)
- Repetitive patterns
321 Shape
1 Other Solutions
3
![Page 53: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/53.jpg)
ConfidentialConfidential /
1
2Agenda
Evolution of Attacks – Why traditional security measures fail
Introduction Shape Enterprise Defense
3 Shape Deployment Options
![Page 54: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/54.jpg)
ConfidentialConfidential
Evolution of Attacks – Why traditional security measures fail Criminals armed with widely-available tools and services to launch Imitation Attacks
People reuse passwords
Up to 2% of all leaked credentials
will work on any given site
Attackers use Automation
to test credentials
-Penetrate sites that have not
otherwise been breached
![Page 55: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/55.jpg)
ConfidentialConfidential
Evolution of Attacks – Why traditional security measures fail Criminals armed with widely-available tools and services to launch Imitation Attacks
Uses Full
Browser
Imitates
Browser
Imitates Browser
Network Traffic
Traditional security measures (e.g. device ID, WAFs, IPS) are typically signature-based
and can’t defend against sophisticated, retooling attackers
![Page 56: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/56.jpg)
ConfidentialConfidential
What set us apartShape is designed to adaptand maintain full efficacy even as attackers evolve
Shape AI is trained on years of attack data from Fortune 500 companies
![Page 57: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/57.jpg)
ConfidentialConfidential
Tools and Services to launch AttacksSentry MBA - Credential stuffing / Brute-Force Login inclusive CAPTCHA solver
Sentry MBA leverage Data from data leaks for automated Credential stuffing / Brute-Force Login
(Login, Password Reset, Account Registration, etc.)
![Page 58: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/58.jpg)
ConfidentialConfidential
Tools and Services to launch AttacksGenesis Digital Fingerprint Marketplace
https://genesis.market
● usernames & passwords
● browsing history
● cookies
● machine & browser attributes
● usernames & passwords
● browsing history
● cookies
● machine & browser attributes
“Genesis Security” plugin
MATCH
![Page 59: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/59.jpg)
ConfidentialConfidential
Evolution of Attacks – Business ImpactIncreasing operational expenditure for the detection and defense against:
Credential Stuffing / Brute-Force on Login Sites / Account Take
Over
(Mass log in attempts used to verify the validity
of stolen username/password pairs)
Scraping
(Price Comparisons, IP Theft, or Plagiarism)
Fake Accounts Creation at Scale
Open API Abuse
Fraudulent Transactions
Arising from Man-in-the-Browser and malware
Business Problems
● Account Take Over Fraud
● Breach of personal information
● Multiple forms of fraud
● System Overhead
● Application DDoS
● Consume of Marketing KPI
● Block/Lock Online Inventory
● ….
![Page 60: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/60.jpg)
ConfidentialConfidential /
1
2Agenda
Evolution of Attacks – Why traditional security measures fail
Introduction Shape Enterprise Defense
3 Shape Deployment Options
![Page 61: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/61.jpg)
ConfidentialConfidential
Shape Enterprise DefenseDETECTION-MONITORING-MITIGATION - enabling real-time fraud prevention
Protected Customer
Experience Flow
Custom ActionBlock - Stop processing the request
Redirect - Redirect the user browser to a specific URL
Respond - Respond with a configured HTTP response
Deceive - Provide misdirection to attackers
Read-Only - Limit Access by Transactions
Rate Limit - Limit System resource impact
Flag - Mark Traffic for later action
Real-Time Mitigation
Types of Traffic & Custom Action
Threat Device Bad Actors
Client Signals
Shape collects advanced
telemetry to enhance the
ability of the defense engine
to detect attacks.
These signals are collected
via JavaScript on web
applications and an SDK on
nativemobile applications. Shape Appliance
(Hardware/ VM/ Hosted
Cloud & API)
It relies on hundreds of signals
at the network, browser, and user levels.
Legitimate Traffic
Human
Legitimate Traffic
Automation (Monitoring)
Shape Concept of Protected Customer Experience Flow ( POST-GET Request)
![Page 62: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/62.jpg)
ConfidentialConfidential
Shape Enterprise DefenseShape Signal Set
Interrogate Environment Client Detection Evaluate Behavior
Protection is based on Fingerprints, Header Pattern, User Behavior Pattern and Signals –NOT IP‘s or User Agent
Proofs of hardware, proofs of environment, deception, user behavior collection, and much more
Are you who you say you are? and more Are you even a browser? and more Are you a human? and more
![Page 63: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/63.jpg)
ConfidentialConfidential / Confidential /
Shape Enterprise Defense
68,6MTotal POSTs
4,1 MHuman
64,6
MAutomated
94%Automated
Shape Signal Set – Real Example
Webtraffic Pattern over time
![Page 64: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/64.jpg)
ConfidentialConfidential / Confidential /
Shape Enterprise Defense
68,6MTotal POSTs
4,1 MHuman
64,6
MAutomated
94%Automated
5 Attackers
Tools
Shape Signal Set – Real Example
Automation Prevention
Blocked Posts
Automation
Flagged Posts
Human Posts
This orange is ok
This is attack traffic
Webtraffic Pattern over time
![Page 65: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/65.jpg)
ConfidentialConfidential
Shape Enterprise DefenseShape Security includes a 24/7 traffic monitoring, threat intelligence analysis, and countermeasure
deployment (if required) services
Protected Customer
Experience Flow
STAGE IISTAGE I
MACHINE LEARNING
ARTIFICIAL
INTELLIGENCE
Multi Stage Detection as a Service
Legitimate Traffic
Human
Legitimate Traffic
Automation (Monitoring)
The Security Operations Center monitors traffic 24/7 and provides incident
response.
Additionally, threat experts deliver regular briefings on attacks and industry intelligence
collected across Shape’s customer network, acting as an extension of an enterprise’s
security and fraud teams.
![Page 66: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/66.jpg)
ConfidentialConfidential /
1
2Agenda
Evolution of Attacks – Why traditional security measures fail
Introduction Shape Enterprise Defense
3 Shape Deployment Options
![Page 67: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/67.jpg)
ConfidentialConfidential
STAGE II
24x7
![Page 68: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/68.jpg)
ConfidentialConfidential
or
STAGE II
24x7
![Page 69: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/69.jpg)
Confidential / / Part of F5
Shape is CDN/Cloud/Load Balancer agnostic
Shape Security is compatible with all the leading CDN, Cloud, and Load Balancer
providers, so you are not tied into any one technology stack.
![Page 70: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/70.jpg)
Confidential / / Part of F5
Security Operations Center (24x7)
Threat Analysis & Reporting
○ Incident and Attack Reports
○ Threat Summary Reports
○ Raw Data Delivery
Threat Research
○ Dark Web Reconnaissance (upon request)
○ Attribution (upon request)
Delivered as a Managed Services
![Page 71: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/71.jpg)
71
Přístup k aplikaci
Řešení
![Page 72: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/72.jpg)
72
ACCESS
• Co s novými příchozími?
• Jak zabránit úniku hesel zaměstnanců?
• Jak zvýšit zabezpečení přihlašování?
![Page 73: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/73.jpg)
73
ACCESS
BYOD
![Page 74: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/74.jpg)
74
ACCESS
SSO
![Page 75: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/75.jpg)
75
ACCESS
Multifaktorováautentizace
![Page 76: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/76.jpg)
76
APM
Na pár kliknutí
Multifaktorováautentizace
Bez hesla, jedním
kliknutím
![Page 77: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/77.jpg)
77
Univerzální dekrypce pro všechny securitynástroje
Řešení
![Page 78: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/78.jpg)
78
SSL/TLS
Orchestrace
Nemohu zabezpečit, co nevidím…
internetového provozu je šifrováno
webového obsahu je zabezpečeno SSL/TLS70% 80%
![Page 79: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/79.jpg)
79
SSL/TLS
Orchestrace
60%61%
89%
34% 25%
11%
2015 2016 2017
TLS 1.2
SSL 3.0
TLS 1.2 vs. SSL 3.0
SSL/TLS narůstá
![Page 80: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/80.jpg)
80
SSL/TLS
Orchestrace
Vliv
Microsoft
Office 365
Třídění
výsledků
vyhledávání
Zvýšená snaha o
zachování
soukromí
Nárůst užívání
sociálních sítí
Chrome
upozornění
na SSL/TLS
GDPR
SSL/TLS šifrováníBusiness Drivers
![Page 81: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/81.jpg)
81
SSL/TLS
Orchestrace
Tři výzvy SSL/TLS
Složitost
zatěžuje celé
IT organizace
Výkon
je degradován
neustálou enkrypcí a
dekrypcí
Viditelnost
je zredukována
kvůli užívání
šifrování
![Page 82: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/82.jpg)
Nedůvěryhodné sítě Bezpečnostní nástroje
Požíváte šifrování? Útočníci také.
SSL/TLS BLIND SPOT
![Page 83: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/83.jpg)
Získat data díky šifrování
Využití uživatele Command & Control Exfiltrace dat
Data
C&C
![Page 84: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/84.jpg)
NNS Labs testovali
Firewall v tomto scénáři
Čas odezvy narostl o
672%
60% provozu bylo
zahozeno/nezkontrolováno
Jak to běžně vypadá s bezpečností a šifrováním?
Next-Gen Firewall
Web Gateway DLP Anti-Malware IPS Next-Gen Firewall
Decrypt, Inspect,
Re-Encrypt
Decrypt, Inspect,
Re-Encrypt
Decrypt, Inspect,
Re-Encrypt
Decrypt, Inspect,
Re-Encrypt
Uživatelé Internet /Apps
![Page 85: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/85.jpg)
SSL Orchestrator
Uživatelé Internet /Apps
Next-GenFirewall
Next-GenIPS
MalwareProtection
Secure WebGateway
Data LossPrevention
Ostatní
SSL Orchestrator
![Page 86: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/86.jpg)
Viditelnost nestačíStále potřebujeme jednoduchou správu, skupiny,
pravidla…
![Page 87: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/87.jpg)
Akcelerace Bezpečnost
Zrychlení přenosu
Úspora linky (o 40 %)
Chytré rozložení zátěže
Dobrý a špatný Bot
DDoS ochrana L3-L7
SQL Injection, …
OWASP 10
HOT FIX
BASSO
1 min
BYOD
![Page 88: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/88.jpg)
88
Něco pro vývojáře?
Řešení
![Page 89: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/89.jpg)
| ©2019 F589
400Msites run NGINX
WE HAVE TREMENDOUS INSIGHT INTO APPLICATION PATTERNS
| ©2019 F5 NETWORKS89
![Page 90: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/90.jpg)
| ©2019 F590
BUSINESS
AGILITY
DIGITAL
ROI
CUSTOMER
EXPERIENCE
Three challenges enterprises face in digital
| ©2019 F5 NETWORKS90
![Page 91: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/91.jpg)
| ©2019 F591
INFRASTRUCTURE LOCK-IN
Limits application portability
across clouds
Three mistakes customers make
Prevents agility and collaboration
among roles
Leads to complexity and higher
costs
SECURITY & NETWORK BOTTLENECK
TOOL SPRAWL
![Page 92: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/92.jpg)
| ©2019 F592
MIC
RO
SE
RV
ICE
S A
PP
S
Today’s architectures are a complex patchwork of tools spanning from code to customer
We
b
App
KIC
SP MS
SP MS
SP MS
SP MS
MO
NO
LO
TH
IC A
PP
S
Mgr.
RP
Mgr.
DDoSWAF
Mgr.Mgr.Mgr. Mgr.
L4
LB
API
GW
L7
LB
L4
LB
Mgr.
DNS
Mgr.
CDN
Mgr.
CODECUSTOMER
![Page 93: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/93.jpg)
| ©2019 F593
MIC
RO
SE
RV
ICE
S A
PP
S
Complement F5 with a platform that simplifies your environment, reducing 13 platforms to 3
We
b
App
KIC
SP MS
SP MS
SP MS
SP MS
MO
NO
LO
TH
IC A
PP
S
Mgr.
WAFL7
LBDNS
F5 Cloud
Services &
Silverline
DNS
DDoS
WAF
NGINX Plus
CDN
F5 BIG IP
Local L4-7 LB
Global L4-7 LB
SSL offload
Advanced WAF
Access mgmt.
L4 firewall
SSL
orchestration
Anti-DDoS
Bot detection
CGNAT
NGINX Plus
Reverse proxy
L4-7 LB
API gateway
Per-app WAF
NGINX Controller F5 BIG IQ
NGINX Plus
K8s IC
NGINX Plus
Sidecar proxy
NGINX Plus
Web server
NGINX Unit
App server
CODECUSTOMER
![Page 94: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/94.jpg)
| ©2019 F594
Load
balancer
Purpose-builthardware
Early 2000’s: Hardware load-balancers
CustomerCode
![Page 95: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/95.jpg)
| ©2019 F595
DNSApp
security
DDoSLoad
balancer
Purpose-builthardware
2005 to mid 2010’s: Hardware ADCs
CustomerCode
![Page 96: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/96.jpg)
| ©2019 F596
Purpose-builthardware
Public cloud
Virtual machines
Mid 2010’s: Services decoupled from the underlying infrastructure
CustomerCode DNSApp
security
DDoSLoad
balancer
![Page 97: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/97.jpg)
| ©2019 F597
CENTRAL MANAGEMENT
Purpose-builthardware
Public cloud
Virtual machines
BIG-IQ
Mid 2010’s: Central Management introduced to reduce operational overhead
CustomerCode DNSApp
security
DDoSLoad
balancer
![Page 98: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/98.jpg)
| ©2019 F598
Platform control planesNGINX Controller ● F5 BIG-IQ ● Third-party ecosystems
Ecosystem Integrations
CLI
GUIYour Pipeline
Security Analytics APIMService
MeshADC
Data
plane
LOB
1…N
Self-Service Portal
Centralized
Teams
AppDevDevOpsSecOpsNetOps Architect
CODE CUSTOMERApp / web
server
Load
balancer
API
gateway
Web app
firewall
DNS CDNIngress
controller
DDoS
Control
plane
Let’s dive into how NGINX Controller can help you today
Any infrastructureContainers ● Public cloud ● Virtual machines ● Colocation ● Commodity HW ● Purpose-built HW
NGINX Controller
![Page 99: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/99.jpg)
| ©2019 F599
Control
plane
Ecosystem Integrations
NGINX Controller
CLI
GUIYour Pipeline
Security Analytics APIMService
MeshADC
LOB
1…N
Self-Service Portal
Centralized
Teams
AppDevDevOpsSecOpsNetOps Architect
DNS CDNDDoSCODE CUSTOMERApp / web
server
Load
balancer
API
gateway
Web app
firewall
Ingress
controller
Any infrastructureContainers ● Public cloud ● Virtual machines ● Colocation ● Commodity HW ● Purpose-built HW
Data
plane
Eliminate tool sprawl | Bake security in | Abstract underlying infrastructure
![Page 100: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/100.jpg)
| ©2019 F5100
Any infrastructureContainers ● Public cloud ● Virtual machines ● Colocation ● Commodity HW ● Purpose-built HW
Data
plane
CODE CUSTOMERApp / web
server
Load
balancer
API
gateway
Web app
firewall
DNS CDNIngress
controller
DDoS
LOB
1…N
Self-Service PortalEcosystem Integrations
CLI
GUIYour Pipeline
NGINX Controller
Security Analytics APIMService
MeshADC
Centralized
Teams
Give persona-specific views | Get end-to-end visibility | Automate intelligently | Integrate with ecosystem
AppDevDevOpsSecOpsNetOps Architect
Control
plane
![Page 101: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/101.jpg)
| ©2019 F5101
Get Started with F5 and NGINXFOUR WAYS TO USE NGINX TO DELIVER CODE TO CUSTOMERS
Migrate Hardware to Software ADC
Per-App and DevOpsintegrated load balancing
Modernize Apps and Build New Apps
Lightweight, efficient service mesh and Kubernetes IC
Scale ADCs Across Multi-Cloud
Secure and portableapps across multi-cloud
Deploy API Management
End-to-end API lifecycle services
![Page 102: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/102.jpg)
102
LTMLocal Traffic Management
aWAFAdvanced Web Application Firewall
APMAccess Policy Manager
![Page 104: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/104.jpg)
104
ASM aWAF
Kampaň č. 1
![Page 105: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/105.jpg)
105
ASM to aWAF
ASM aWAF
BOT protekce
Limitovaná BDos detekce
OWASP Top 10
Několik LB metod
CredentialStuffing DB
Datasafe
BOT protekce
Plná BDos detekce
OWASP Top 10
compliance
Sada basic LB metod
AntiBotMobile SDK
ThreatCampaigns
* **
![Page 106: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/106.jpg)
106
ASM to aWAF
ASM aWAF
ThreatCampaigns
![Page 107: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/107.jpg)
107
SSL O Firepower
Kampaň č. 2
![Page 108: Prezentácia programu PowerPoint - ALEF · via JavaScript on web applications and an SDK on nativemobile applications. Shape Appliance (Hardware/ VM/ Hosted Cloud & API) It relies](https://reader033.vdocument.in/reader033/viewer/2022050421/5f909e36a6e3dc1af7114c96/html5/thumbnails/108.jpg)
Děkuji za pozornost!