ADC (GSLB) for Hybrid Cloud - The ICT Solution Provider Service

Post on 25-May-2020

Sam Lin

Country Manager/Radware Taiwan

Radware Cloud-based Security and ADC (GSLB) for Hybrid Cloud

Security issues inside the cloud

Security cloud for public & private cloud

DDoS/SSL protection needed

Radware’s WAF Offerings

Best-of-breed WAF (Physical or Virtual Appliance)

Cloud WAF Service

No risk. No latency. Out-of-path deployment with line-speed mitigation at the perimeter

Integrated with ADC. Complete application delivery protection

Easy. Fully-managed on-premise WAF

Fully Managed. Fully managed, cloud-based protection

Unmatched protection. Full OWASP Top-10. Zero-day web-attack protection.

Continuously Adaptive. Auto policy generation. Advanced bot detection.

Users need only change the CNAME record in DNS to use the cloud WAF service

www.reservations.com

/register/

/info/

/reserve/

App Mapping

/admin/

/config/

/hotels/

Threat Analysis

SQL Injection

CCN breach

Directory Traversal

Buffer Overflow

Spoof identity, steal user information, data tampering

Information leakage

Gain root access control

Unexpected application behavior, system crash, full system compromise

Policy Generation

Prevent access to sensitive app sections

Mask CCN, SSN, etc. in responses.

Parameters inspection a

Traffic normalization & HTTP RFC validation

Policy Activation

Time to protect

Add tailored application rules

Optimize rules for best accuracy

Best Security coverage

Virtually zero false positive

IP-Agnostic Device Fingerprinting & Tracking

Operating System

Beyond source IP for identification & blocking

Detailed device fingerprint from over 2 dozen parameters

Precise activity tracking over time

Development of Device Reputation

Provides advanced protection from

- Website Scraping

- Brute Force Attacks

- HTTP Dynamic Floods

System Fonts

Browser Plug-ins

Screen Resolution

Local IPs

Improved Bot Detection and Blocking

Robust Global Cloud Security Network

Segregate clean and attack traffic with dedicated scrubbing centers

Over 2Tbps of global mitigation capacity

Radware Scrubbing Centers

Radware Security Cloud

Global Application Deployment

[Diagram: GSLB between Private Data Center and Public Cloud. Labels: 50% / 50%; 100 Users / The Rest; All traffic; Proximity-based distribution]

Controlled application availability and QoE 24/7!

What is an ADC

• Server load balancing for:

– High availability

– Scalability

– Performance optimization

WAN Datacenter

Alteon

Virtual ADC (vADC)

While in a standard ADC resources are shared between apps, Radware’s ADC fully isolates application resources to guarantee service-level

Physical (Memory, CPU, Storage)

Network (Network Tables, ARP tables)

Fault

Management

Optimize Normal Operation

RTT-Based Optimal Link Selection

Optimal link selection based on full-path RTT measurement

Link A: 55ms

Link B: 94ms

FastView Web Accelerator

Optimize Normal Operation

Automatically generates optimized browser/device-specific website versions

Website FastView

Real User Monitoring

Minimize Degradation

End-to-end transaction monitoring, as experienced by the end user: Real user time = Data Center Time + Network Time + Rendering Time

Network Time

Rendering time

Data Center Time

Integrated Web-Application Firewall (WAF)

Prevent Outage

Integrated WAF for protection against OWASP top 10 supporting separate policies per app

Streamlined Orchestration

Optimize Normal Operation

Seamless integration with Cloud Orchestration systems Via vDirect

Data Center/Cloud Ecosystems

Radware ADC Fabric

Alteon NG Platform Line-Up

Alteon VA

Alteon NG 6420 Alteon NG 5208 Alteon NG 8420

Alteon NFV Alteon Cloud VA

For any Size Enterprise Data Centers

Virtual

Appliances

Throughput: from 1 Mbps to 200 Gbps

Throughput: from 1 Mbps to 160 Gbps, vADCs: from 1 to 100

Alteon NG 6024

Radware DDoS/IPS/SSL Inspection (exclusive and complete, the largest in Taiwan) Security Solution

Perimeter LAN

Security Appliances (i.e. DLP,APT)

Client facing SSL handshake (server emulation)

Server facing SSL handshake (client emulation)

Prevent SSL re-negotiation attack

Prevent IPS, high/low speed DDoS attack

Prevent high volume DDoS/SSL attack and WAF service

Prevent SSL malware intrusion and server/link load balancing / URL filter / WAF

Radware cloud

ISP (IPS/DDoS/WAF) cloud

The four devices on the green line can provide joint defense and can also operate independently

Thank You