f5 networks- why legacy security systems are failing
DESCRIPTION
Nathan Pearce, Product Manager - EMEA at F5 Networks spoke at the CIO Event (dot) comTRANSCRIPT
![Page 1: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/1.jpg)
WHY LEGACY SECURITY SYSTEMS ARE FAILING
Nathan Pearce - @F5NetworksEMEAProduct ManagerEurope, Middle East & Africa
![Page 2: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/2.jpg)
2© F5 Networks, Inc.
• MI5 fighting ‘astonishing’ levels of cyber attacks
• “Most senior managers don’t know where their data is”, Varonis
• “Trust No One”, Fox Mulder, The X-Files
Know thine enemy
![Page 3: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/3.jpg)
3© F5 Networks, Inc.
Unknown Vulnerabilities in Web Apps
Web Application
Vulnerabilitiesas a percentage
of all disclosuresin 2011 H1
• Unable to find or mitigate vulnerabilities
• Very expensive to fix by recoding
• Difficult to include scanner assessments
• Need assurance that app sec. is deployed properly
Source: 1BM X-Force Research and Development
Web Applications: 37 percent
Others: 63 percent
![Page 4: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/4.jpg)
4© F5 Networks, Inc.
Cyber-attacks in the News for 2011
IBM X-Force 2011 Trend and Risk Report March 2012
![Page 5: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/5.jpg)
5© F5 Networks, Inc.
The two faces of hacking
IEEE Spectrumspectrum.ieee.org
![Page 6: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/6.jpg)
6© F5 Networks, Inc.
Attacks Are Moving “Up the Stack”Network Threats Application Threats
90% of securityinvestment focused here
75% of attacks focused here
L3 Security DDOS, packet filters, IP protocol validation, fragmentation, checksum, lengths, etc.
L4 Security TCP protocol validation, lengths, checksum , TCP DOS attacks, etc.
L5/7 Security Protocol level security of DNS, HTTP, SMTP, SIP etc.OWASP Top 10
![Page 7: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/7.jpg)
7© F5 Networks, Inc.
OWASP Top 10 Web Application Security Risks: 1. Injection 2. Cross-Site Scripting (XSS) 3. Broken Authentication and Session Management 4. Insecure Direct Object References 5. Cross-Site Request Forgery (CSRF) 6. Security Misconfiguration 7. Insecure Cryptographic Storage 8. Failure to Restrict URL Access 9. Insufficient Transport Layer Protection 10. Unvalidated Redirects and Forwards
Protection From Top Web App. Vulnerabilities(Open Web Application Security Project)
Source: www.owasp.org
![Page 8: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/8.jpg)
8© F5 Networks, Inc.
• Yes
• Its easy
• With free on-line lessons…
Can I be a hacker?
![Page 9: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/9.jpg)
9© F5 Networks, Inc.
How Long to Resolve a Vulnerability?
Website Security Statistics Report
![Page 10: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/10.jpg)
10© F5 Networks, Inc.
People. Applications. Data.Application and service delivery
Data center consolidationGARTNER: 88% of CIOs rate cloud computing a priority in the next 18 months
GARTNER: 70% of IT organizations prefer to deploy servers virtually rather than on hardware
![Page 11: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/11.jpg)
11© F5 Networks, Inc.
Protect Applications from ThreatsAdaptive and unique attack protection
Gain visibilityinto application sessions
Understand session context and apply policy
Take actionand mitigate offending clients
![Page 12: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/12.jpg)
12© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community
![Page 13: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/13.jpg)
13© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community
![Page 14: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/14.jpg)
14© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community
![Page 15: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/15.jpg)
15© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community
![Page 16: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/16.jpg)
16© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community
![Page 17: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/17.jpg)
17© F5 Networks, Inc.
Key Ingredients to Better Security
Scalable
Extensible and Adaptable
Context Awareness
Unified Security Platform
Engaged Community TMOS TMOS
AVAILABLE
SECURE
FAST
AVAILABLE
SECURE
FAST
![Page 18: F5 Networks- Why Legacy Security Systems are Failing](https://reader036.vdocuments.net/reader036/viewer/2022062319/557f5361d8b42a822f8b490c/html5/thumbnails/18.jpg)
18© F5 Networks, Inc.
devcentral.f5.com
facebook.com/f5networksinc
linkedin.com/companies/f5-networks
twitter.com/f5networks
youtube.com/f5networksinc