Top Banner
27

Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Jan 02, 2016

Download

Documents

Alfred Boyd

web servers vulnerable

mission critical servers

outbusiness drivers

box security schemes

complexitymix of software

different vendorsweb

competitive market

administrative privilegeshow

Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.
Page 2: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Before: Servers Behind Firewalls

Page 3: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Today: Servers Migrate Out

Business drivers:• E-Business• Supply chain management• CRM

Page 4: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Servers Placed in DMZ

Page 5: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Holes Punched in Firewall…

Page 6: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Holes Punched in Firewall…

Page 7: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Internet Facing Servers are at Risk

Page 8: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

And Through Them - Entire Network

Page 9: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Why Are Web Servers Vulnerable?

• Complexity• Mix of software from different vendors• Web masters have administrative privileges

Page 10: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

How Are Web Servers Attacked?

• Code injected through HTTP requests– Typically using a buffer-overflow vulnerability

• Attack used to:– Deface web site

– Install Trojan horse

– Plant backdoors

– Attack deeper into the organization

Page 11: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Attack Scenario

Page 12: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Attack Scenario

Page 13: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Attack Scenario

Page 14: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Attack Scenario

Page 15: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Attack Scenario

Page 16: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Solution: WaveBreaker

Page 17: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

FileSystem

Network Registry Processes

OS Services

IIS

Applications

WaveBreaker Architecture

Page 18: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

WaveBreaker Architecture

WaveBreaker Interception Layer

FileSystem

Network Registry Processes

IIS

Authorizer

Admin console

Page 19: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer

IIS

Authorizer

Admin console

Page 20: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

FileSystem

WaveBreaker Interception Layer

WaveBreaker Architecture

Network Registry Processes

OK

Authorizer

IIS

Admin console

Page 21: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer

IIS

Authorizer

OK

Admin console

Page 22: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

WaveBreaker Architecture

FileSystem

Network Registry Processes

WaveBreaker Interception Layer XWaveBreaker Interception Layer X

Authorizer

IIS

WaveBreaker’s performance overhead: Approximately 5%

Admin console

!

Page 23: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

WaveBreaker: Product Highlights

• Intrusion-proof protection for Microsoft®-IIS based applications

• Prevents:– Opening backdoors– Planting Trojan horses– Web site defacement– Attacks deeper into the corporate network

• Attacks are blocked in real-time• Out-of-the-box security schemes provide instant

protection• Easily configurable to support any web application• Security logs alert security administrators of attack

attempts

Page 24: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Simple Management

Page 25: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Full Event Monitoring

Page 26: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Conclusion

• Business drivers and competitive market no longer permit keeping mission critical servers behind firewalls.

• Internet-facing web applications are and will be vulnerable.

• WaveBreaker can provide the shielding needed to deploy internet-facing servers.

Page 27: Before: Servers Behind Firewalls Today: Servers Migrate Out Business drivers: E-Business Supply chain management CRM.

Thank you.


Related Documents
Firewall Suite - Firewall Configuration Guide · The Firewall Configuration Guide provides information about how to configure supported firewalls, proxy servers, and security devices

Firewall Suite - Firewall Configuration Guide · The...

Category: Documents
Servers: Database consolidation on Dell PowerEdge …i.dell.com/sites/doccontent/business/solutions/whitepapers/fr/... · Servers: Database consolidation on Dell PowerEdge R810 servers

Servers: Database consolidation on Dell PowerEdge...

Category: Documents
Implementing Firewalls & Proxy Servers - Robert Gezelter Software

Implementing Firewalls & Proxy Servers - Robert Gezelter...

Category: Documents
Working with Proxy Servers and Application-Level Firewalls Chapter 5.

Working with Proxy Servers and Application-Level Firewalls.....

Category: Documents
Firewalls Types of Firewalls

Firewalls Types of Firewalls

Category: Documents
firewalls...Firewalls Sommario • Introduzione (Sicurezza e Firewall) • Firewalls (Da bastion host a rete di difesa) •Firewalls(Overview) • 2 Filosofie ed 1 Principio Firewalls

firewalls...Firewalls Sommario • Introduzione (Sicurezza e...

Category: Documents
Small business servers: Database and email performance · Small business servers: Database and email performance WORKLOAD When we tested the HP ProLiant ML110 G5 servers running in

Small business servers: Database and email performance ·.....

Category: Documents
ARIZONA DEPARTMENT OF HOMELAND SECURITY · •Hardware - intrusion detection systems, intrusion prevention systems (firewalls), additional servers, routers/switches ... regarding

ARIZONA DEPARTMENT OF HOMELAND SECURITY · •Hardware -...

Category: Documents
Securing Communications - Dongseokowon.dongseo.ac.kr/~hjlee/03-AC00.4Securing Communication.pdf · ♦Types of concerns addressed ... – Firewalls/ QoS servers ... Main Source: Stallings.

Securing Communications -...

Category: Documents
HP ATA – Servers and Storage certification Learning_HP-Servers...Certification guide HP ATA – Servers and Storage certification Introduction In today’s business environment,

HP ATA – Servers and Storage certification...

Category: Documents
Firewalls - csci530l/slides/lab-firewalls-color.pdf · What do these 2 firewalls protect? Windows ... Linux Firewalls , Michael Rash, No Starch Press, 2007 ... lab-firewalls.ppt

Firewalls - csci530l/slides/lab-firewalls-color.pdf · What...

Category: Documents
Pianeta CIO Service Mgmt Web Version -  · Linux Servers Unix Servers M a ng em t S erv s Switches Storage Firewalls, Routers Il consolidamento delle risorse fisiche Windows Server

Pianeta CIO Service Mgmt Web Version -  · Linux Servers...

Category: Documents