F5 Networks -Application Security Manager
F5 Application Security Manager (ASM)
PROTECTING YOUR APPLICATIONS
PROTECTING YOUR APPLICATIONS
F5 BIG-IP Application Security Manager (ASM) is an agile, certified web application firewall and comprehensive, policy-based web application security, which protect from malicious attacks on the applications your business relies on.
It also dynamically boosts performance with application optimization and acceleration technologies such as fast caching, compression, SSL offload, and TCP optimization.
Any enterprise organization requires to protect their mission-critical enterprise Web infrastructure against application-layer attacks, and to monitor the protected web applications must have this solution in place to make sure of their business continuity.
BIG-IP ASM secures the latest web 2.0 applications and protects valuable information from vulnerabilities. A unique blocking page is rendered with support ID for IT, notifying the user of an AJAX widget policy violation. BIG-IP ASM enforces strict policy rules on the data in JSON payloads, protecting applications from the latest JSON web threats.When policy is violated, BIG-IP ASM renders a unique blocking message for AJAX widgets, protecting JSON payloads.
As threats grow in number and complexity, the integrated and comprehensive attack expert system in BIG-IP ASM provides an immediate, detailed description of the attack, as well as enhanced visibility into the mitigation techniques used by BIG-IP ASM to detect and prevent the attack.
BIG-IP ASM prevents the leakage of sensitive data (such as credit card numbers, Social Security numbers, and more) by stripping out the data and masking the information.In addition, BIG-IP ASM hides error pages and application error information, preventing hackers from discovering the underlying architecture and launching a targeted attack.
With PCI reporting, BIG-IP ASM lists security measures required by PCI DSS 2.0, determines if compliance is being met, and details steps required to become compliant if not.
BIG-IP ASM can secure any parameter from client-side manipulation and validate log-on parameters and application flow to prevent forceful browsing and logical flaws.HTTP parameter pollution (HPP) attacks are illegal requests with the URL separated with illegal parameters to bypass application security. BIG-IP ASM recognizes these attacks and blocks these requests, providing granular attack protection.
BIG-IP ASM helps you protect your brand by shielding your websites from web scraping attacks that copy and reuse valuable intellectual property and information. By differentiating between a human and a bot behind a browser, BIG-IP ASM protects against automated requests to obtain data. Polices for web applications can recognize an increase in request volumes and alert BIG-IP ASM to review whether requests are desired. Known IP addresses approved to web scrape can be whitelisted for allowable scraping.
When attack volumes rise, many network engineers see thousands of violations and may not understand which ones are correlated with a specific incident.With BIG-IP ASM, engineers can see incidents in a group of violations that are correlated according to a common rule or common criteria. For example, multiple attacks from the same source IP address are correlated into a single incident, for better visibility and management.
Geolocation reporting informs you of the country where threats originate in addition to attack type, violation, URL, IP address, severity, and more. You can also schedule reports to be sent to a designated email address automatically for up-to-date reporting.With attacks coming from around the world, geolocation reporting in BIG-IP ASM helps you identify where threats originate, to better block future attacks.