One of the biggest issues in network security is securing web applications and sites. According to a 2014 Gartner study, 70% of ALL threats are at the Web Application Layer. In the past, traditional stateful firewalls and signature-based Intrusion Prevention Systems (IPS) / Intrusion Detection Systems (IDS) were the primary means of protecting your network-based applications.
Today’s Next-Generation Firewalls (NGFW) attempt to improve on those protection mechanisms by adding Layer 7 Application Firewalling, Content Filtering, and enhancements to IPS / IDS. Even adding in a dedicated Web Application Firewall (WAF) does very little to prevent Web Application Attacks. Sure, the level of protection increases with each layer, but how much are you actually increasing the security level by building on a poor foundation? That “poor” foundation is based on a set of flawed premises.
The biggest of these flaws is that IPS / WAF are signature-based. Signature-based protection is completely reactive when it comes to dealing with threats. The entire process of getting a signature published is time-consuming, and the vulnerable system is either exposed or taken offline until that process is complete.
The fact is that most IPS and WAF implementations are running in “monitor only” mode due to the high level of false positives. To avoid blocking legitimate users and potential clients, these devices might be configured to alert on or simply log anything considered suspicious, and nothing more. This leaves your web applications exposed and vulnerable. It also puts your security in a reactive state.
Juniper’s WebApp Secure (JWAS) changes the game by being proactive in dealing with threats to web applications. The concept is simple - Intrusion Deception. Provide false information that a normal user is either not going to see or is going to ignore, but that an attacker can’t resist. The moment attackers act on that false information, they are classified and fingerprinted. From there, they can have various levels of countermeasures applied to them, up to and including blocking. JWAS also deals with bots and automated attacks by providing false information. The goal is to make hacking a site or application so time-consuming and cost-prohibitive that attackers will simply move on.
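As an added example (not Juniper's code and not a description of how JWAS is implemented), the following Python shows the deception idea described above: decoys that normal traffic never touches, a fingerprint per client, and countermeasures that escalate to a block. The decoy names, fingerprint inputs, response levels and sample requests are all assumptions constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Decoys a legitimate user never touches (all names constructed for this example).
DECOY_PATHS = {"/admin-backup/", "/.htpasswd"}   # reachable only via planted decoy links
DECOY_FIELD, DECOY_DEFAULT = "debug_mode", "0"   # hidden form field and the value served
RESPONSES = ["allow", "warn", "slow", "block"]   # escalating levels (names are assumptions)

def fingerprint(req):
    """Simplified client fingerprint; a real product would use far more signals."""
    material = "|".join([req["ip"], req["ua"], req.get("lang", "")])
    return hashlib.sha256(material.encode()).hexdigest()[:16]

def tripped_decoys(req):
    """Return the decoys this request acted on (empty for normal traffic)."""
    hits = []
    if req["path"] in DECOY_PATHS:
        hits.append("decoy_path:" + req["path"])
    value = req.get("form", {}).get(DECOY_FIELD, DECOY_DEFAULT)
    if value != DECOY_DEFAULT:                    # hidden field was tampered with
        hits.append("decoy_field:" + DECOY_FIELD)
    return hits

class DeceptionMonitor:
    def __init__(self):
        self.hits = defaultdict(list)             # fingerprint -> decoys tripped so far

    def handle(self, req):
        """Record decoy hits for this client and pick the response level."""
        fp = fingerprint(req)
        self.hits[fp].extend(tripped_decoys(req))
        level = min(len(self.hits[fp]), len(RESPONSES) - 1)
        return fp, RESPONSES[level]

def replay(requests):
    """Run requests through a fresh monitor; return the response chosen for each."""
    monitor = DeceptionMonitor()
    return [monitor.handle(r)[1] for r in requests]

USER = {"ip": "198.51.100.7", "ua": "Mozilla/5.0", "lang": "en-US"}
PROBE = {"ip": "203.0.113.9", "ua": "scanner/1.0"}
SAMPLE = [  # constructed traffic: one ordinary user, one client probing decoys
    {**USER, "path": "/login", "form": {"user": "amy", "debug_mode": "0"}},
    {**PROBE, "path": "/admin-backup/"},
    {**PROBE, "path": "/login", "form": {"user": "x", "debug_mode": "1"}},
    {**PROBE, "path": "/.htpasswd"},
    {**PROBE, "path": "/"},
    {**USER, "path": "/account"},
]
print(replay(SAMPLE))
```

Because a legitimate user has no reason to touch a decoy, every hit is a high-confidence signal, which is what lets a deception layer act on it instead of only logging.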
Enter Juniper’s Spotlight Secure. Spotlight is an online repository of attackers that have been fingerprinted and classified. JWAS uploads this information to Spotlight, where other JWAS users can retrieve it and automatically classify known attackers based on their fingerprint. So even if the attacker moves on to another site or web application, every JWAS implementation subscribing to Spotlight can proactively take action against them at their first connection to a protected system, up to and including implementing a “block” action immediately if configured.
In conclusion, while firewalls, NGFWs, IPS and WAF offer protection against known threats and attacks, JWAS and Spotlight Secure take this to a whole new level of protection by proactively mitigating threats, both known and unknown, allowing security professionals to focus on other potential attack vectors. Security professionals can sleep at night knowing their web applications are protected and secured.
For more information, please visit http://www.glcomp.com/media-room/juniper-university/webapp-secure-vs-waf