F5 BIG-IP Application Security Manager (ASM)

BIG-IP Application Security Manager (ASM) - the manager of security of applications - a high-performance firewall of level of applications (Web Application Firewall, WAF).

A system provides the high level of security of applications. By means of the deep analysis of traffic of applications the product reflects complex DoS and DDoS of the attack. BIG-IP ASM provides compliance to the fundamental international standards of security (PCI DSS, HIPPA, etc.).

Properties

• Security of web applications which is not requiring change of their code
• Complete solution of reflection of DDoS of the attacks
• Complete reporting on events, logging
• High performance and flexibility
• Compliance to the international standards of security (PCI DSS, HIPPA, etc.)
• Reduction of a capital expenditure.
• Security of applications

Scheme of action of BIG-IP ASM, 2014 service

BIG-IP ASM will ensure safety of services of the company in details analyzing traffic of applications at higher level, i.e. it makes the analysis of requests of HTTP/S, SQL, JSON and so forth. Such approach helps to detect abnormal and harmful requests to the application and to prevent the attacks of XSS, hijacking, SQL injection and so forth. Requests from the malefactor to the application are done not pass, it reduces load of servers and ensures the safety of applications which is not requiring change of their code (for example, a web resource).

BIG-IP ASM will help to provide protection against DDoS of the attacks that will save operability of applications and performance of their work, will allow to avoid financial losses and reputation losses for the company. The protection DDoS mechanisms implemented in BIG-IP ASM help to reflect DDoS of the attack:

• HTTP flood,
• Slowris,
• SSL renegotiation
• others.

BIG-IP ASM daily loads from F5 service of a signature of the attacks on applications that will allow the company to minimize risks from new attacks to services.

Together with IP Intelligence BIG-IP ASM service classifies a source of requests to applications and on this basis applies security policies to traffic. IP Intelligence – F5 Networks service which helps to classify the IP addresses and IP networks of senders of requests to the application and the blocking traffic of these sources if they are defined as unsafe.

Categories:

• The active IP addresses of sources of the malware, viruses, rootkits, etc. are Windows exploits.
• Web attaks is sources which participate in operation of vulnerabilities a web of resources (iFrame injection, SQL injection, domain password brute force)
• Botnets is sources which are a part a bot of network (as the infected devices, and sources of management of them)
• Scanners is sources from which port scanning, scanning of domain zones, rough selection of passwords (brute force) is made
• Denial of Service is sources from which precedents of DoS and DDoS of the attacks are recorded
• Reputation is sources which are known as infected with the malware
• Phishing is different phishing services
• Proxy is the IP addresses of anonymous proxies of servers and TOR.

The product is available as:

• Hardware platform of BIG-IP
• Bleydovy VIPRION chassis
• Virtual device (BIG-IP Virtual Edition)

For April 28, 2015 BIG-IP Virtual Edition works at platforms of hypervisors VMware ESXi Microsoft Hyper-V Citrix XenServer Linux KVM, on the basis of a cloud service Amazon Web Services.