Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

  • View

  • Download

Embed Size (px)


The dramatic growth of online business along with the rise of cloud technologies has been accompanied by a burst of innovative ways to engage customers and drive new business models. It has also brought new security challenges as more customers and transactions are processed through online portals. The focus of IT security is increasingly moving away from the network and IT infrastructure to the application and software architecture itself, which means IT organizations need to adapt to new security challenges.

Text of Riverbed Securing Cloud Applications with a Distributed Web Application Firewall

  • 1. Securing Cloud Applications with a Distributed Web Application Firewall www.riverbed.com 2013 Riverbed Technology
  • 2. Primary Target of Attack Shifting from Networks and Infrastructure to Applications NETWORKS 2013 Riverbed Technology | www.riverbed.com INFRASTRUCTURE APPLICATIONS
  • 3. Cloud Applications Are Exposed to New Threats Designing for dramatically larger number of users shifts focus towards performance and away from security Cloud Cloud applications use off-the-shelf building blocks, in house services, and 3rd party frameworks each with individual vulnerabilities Vulnerabilities exposed when applications designed for in-house data centers migrate to the cloud 2013 Riverbed Technology | www.riverbed.com
  • 4. There is a Real Cost of Not Securing Applications Global headlines. Real business impact. 3 $10,000,000 500,000 $94,000,000 40,000,000+ Months offline fined for security breach replacement credit cards issued in remediation costs credit card details lost 2013 Riverbed Technology | www.riverbed.com
  • 5. Beyond $$: Other Business Drivers for Application Security ! Regulatory Pressures ! PCI DSS, HIPAA, etc. Compliance Revenue & Reputation ! Opportunity cost of remediation ! Brand and reputation damage ! Loss of income ! Data Privacy Act Best Practices ! Security Governance ! Cross-business collaboration ! Delegation of responsibility ! Understand changing risk profiles of your application ! Due Diligence 2013 Riverbed Technology | www.riverbed.com
  • 6. Changing Risk Profiles Make it Harder to Secure Cloud Applications Vulnerable third-party software components Malicious requests (e.g. SQL-injection) Cross-site request forgery (CSRF) Authentication and session attacks Cross-site scripting (XSS) For detailed information on the latest trends in application vulnerabilities, see OWASP Top Ten Projects at https://www.owasp.org/ 2013 Riverbed Technology | www.riverbed.com URL manipulation
  • 7. Traditional Web Application Firewalls are Not Effective in Cloud Environments TRADITIONAL SOLUTION IS INEFFICIENT Dedicated hardware WAF One WAF per deployment Increased capital costs Decreased provisioning agility in a dynamic, virtualized environment Increased management costs without levels of delegation for administration 2013 Riverbed Technology | www.riverbed.com
  • 8. REQUIRED: A Distributed Web Application Firewall Purpose-built for Cloud Security
  • 9. The Web Application Firewall Must be Massively Scalable & Portable ! Across CPU, computer, server rack and data center boundaries Public Private ! Across multiple applications at a time (e.g. cloud bursting) ! Across private, hybrid or public clouds, and small or large traditional data centers ! Available as virtual appliance and a plug-in ! Start small, but allow scale up without changes to security solution Data Center Local Machine 2013 Riverbed Technology | www.riverbed.com
  • 10. Flexible, Portable Across Platforms Fits into existing infrastructures and processes Available as virtual appliance and a plug-in 2013 Riverbed Technology | www.riverbed.com Can live in a wide variety of components effectively Mixes traditional and virtual technologies
  • 11. Distributed and Delegated Management Public 1 2 Easy, central management with a simple web-based management UI Granular configuration settings for each application and each customer Private 3 Proactive Monitoring tuned for each application 4 Multi administrator privileges to handle diverse security policy schemes Fits into any existing or planned application delivery infrastructure. 2013 Riverbed Technology | www.riverbed.com
  • 12. Securing Cloud Applications with a Distributed Web Application Firewall Download the Complete Whitepaper from www.riverbed.com/s2ngray-appsec Follow Us : www.riverbed.com2013 2013 Riverbed Technology