F5 Networks -Application Security Manager

F5 Application Security Manager (ASM)


What Is F5 BIG-IP Application Security Manager or ASM?

F5 BIG-IP Application Security Manager (ASM) is an agile, certified web application firewall and comprehensive, policy-based web application security, which protect from malicious attacks on the applications your business relies on.
It also dynamically boosts performance with application optimization and acceleration technologies such as fast caching, compression, SSL offload, and TCP optimization.

Simple Example of F5 BIG-IP Application Security Manager or ASM:

The F5 BIG-IP Application Security Manager provides web application protection from application-layer attacks. The F5 BIG-IP Application Security Manager protects web applications from both generalized and targeted application-layer attacks, including buffer overflow, SQL injection, cross-site scripting, and parameter tampering. With the advancement of the tools like Firefox Firebug, an attacker can easily manipulate the request by inserting of SQL commands, HTTP structures into user input fields or manipulating of cookies or hidden fields. The BIG-IP ASM can detect and blocks an attack on the application layer and protects and logs those details.

Where We Can Use F5 BIG-IP Application Security Manager or ASM?

Any enterprise organization requires to protect their mission-critical enterprise Web infrastructure against application-layer attacks, and to monitor the protected web applications must have this solution in place to make sure of their business continuity.

Advance Benefits

Secure the Latest Interactive Web Applications

BIG-IP ASM secures the latest web 2.0 applications and protects valuable information from vulnerabilities. A unique blocking page is rendered with support ID for IT, notifying the user of an AJAX widget policy violation. BIG-IP ASM enforces strict policy rules on the data in JSON payloads, protecting applications from the latest JSON web threats.When policy is violated, BIG-IP ASM renders a unique blocking message for AJAX widgets, protecting JSON payloads.

Attack Expert System

As threats grow in number and complexity, the integrated and comprehensive attack expert system in BIG-IP ASM provides an immediate, detailed description of the attack, as well as enhanced visibility into the mitigation techniques used by BIG-IP ASM to detect and prevent the attack.

DataGuard and Cloaking

BIG-IP ASM prevents the leakage of sensitive data (such as credit card numbers, Social Security numbers, and more) by stripping out the data and masking the information.In addition, BIG-IP ASM hides error pages and application error information, preventing hackers from discovering the underlying architecture and launching a targeted attack.

PCI reporting

With PCI reporting, BIG-IP ASM lists security measures required by PCI DSS 2.0, determines if compliance is being met, and details steps required to become compliant if not.

Advanced Enforcement

BIG-IP ASM can secure any parameter from client-side manipulation and validate log-on parameters and application flow to prevent forceful browsing and logical flaws.HTTP parameter pollution (HPP) attacks are illegal requests with the URL separated with illegal parameters to bypass application security. BIG-IP ASM recognizes these attacks and blocks these requests, providing granular attack protection.

Web Scraping Prevention

BIG-IP ASM helps you protect your brand by shielding your websites from web scraping attacks that copy and reuse valuable intellectual property and information. By differentiating between a human and a bot behind a browser, BIG-IP ASM protects against automated requests to obtain data. Polices for web applications can recognize an increase in request volumes and alert BIG-IP ASM to review whether requests are desired. Known IP addresses approved to web scrape can be whitelisted for allowable scraping.

Group Incidents with Violation Correlation

When attack volumes rise, many network engineers see thousands of violations and may not understand which ones are correlated with a specific incident.With BIG-IP ASM, engineers can see incidents in a group of violations that are correlated according to a common rule or common criteria. For example, multiple attacks from the same source IP address are correlated into a single incident, for better visibility and management.

Geolocation reporting

Geolocation reporting informs you of the country where threats originate in addition to attack type, violation, URL, IP address, severity, and more. You can also schedule reports to be sent to a designated email address automatically for up-to-date reporting.With attacks coming from around the world, geolocation reporting in BIG-IP ASM helps you identify where threats originate, to better block future attacks.