Security

Google Activity Control

Google Activity Controls data: Avoiding privacy and compliance risk

December 5, 2018

Organizations should carefully consider the privacy and compliance risks that these Google Activity Control features create and employ strict cybersecurity compliance guidelines addressing these features that come as default settings as part of its initial operating standard.

WAF solution banner

6 Must-Have features for a WAF Solution

May 8, 2017

A WAF solution must offers protection from a number of different known and unknown threats and has the ability to perform deep-packet inspection

waf intro banner

Introduction of Web Application Firewall or WAF

May 8, 2017

Why WAF is important, and should have to maintain the highest levels of security efficacy for your organization’s application delivery infrastructure.

ransomware recovery

Ransomware Recovery Starts With a Data Strategy

April 5, 2017

Stopping ransomware may be an almost impossible act for IT organizations. But recovering from ransomware should not be. A key facet to successful ransomware recovery is a solid data protection strategy.

Ransomware Resistance

Five Steps to Raising Ransomware Resistance

April 4, 2017

What can enterprises do to protect themselves from an initial ransomware infection?. If it gets into one system, how to stop it from spreading to others?

ransomware for security priority

Why You Must Make Ransomware a Security Priority

April 3, 2017

One of the reasons why security priority on ransomware has become so popular lies in the simplicity of the business model used by cyber-criminals

fortinet terabit firewall header

Fortinet Introduces new Terabit Firewall Appliance

February 16, 2017

The FortiGate 3980E Terabit firewall is the world’s first security appliance to achieve Terabit per second (Tbps) firewall performance.

Month of Security: Your Network might be in DANGER!

January 6, 2017

Securing the data on your network security may not seem very important to you until you lose your data or the privacy of your data content.

Is your organization prepared for a Ransomware attack?

December 28, 2016

Successfully defending your organization against ransomware attack takes preparation and an understanding of what to look for if an attack begins.

Choosing The Right Web Application Firewall (WAF)

October 24, 2016
vulnerable

Currently, attackers continued to breach networks with highly targeted spear-phishing attacks. Attackers Are Streamlining and Upgrading Their Techniques, While Companies Struggle to Fight Old Tactics. Attackers also perfected watering hole attacks, making each attack more selective by infecting legitimate websites, monitoring site visitors and targeting only the companies they wanted to attack. This makes it far more difficult for administrators and security teams to keep up to date on the latest attacks and protection measures, so a robust and agile Web Application Firewall or WAF isn’t a luxury – it’s a requirement!

Many organizations started extending their business by using cloud-hosted or web-based applications. Web-based applications currently become popular because it’s simple, user doesn’t need to install anything, users with any device(mobile device, desktop, and future device that don’t exist yet) can access and able to use it immediately. There is no waiting for the version of the app to be released and you need only have one person/team maintaining a single code base. Single-source means that there is a single version of the code base that all users across all platforms access and use. As these web- based applications become more popular, attacks become increasingly sophisticated and frequent, threatening enterprise data.


Here’s a some considerations when selecting Web Application Firewall or WAF:

1. Network Architecture and Application Infrastructure
Web Application Firewall or WAF are designed to watch and respond to HTTP/S traffic. They are most often deployed as appliances in the line of traffic between the requester and the application server, inspecting requests and responses before forwarding them. Inline deployments tend to be most effective in actively blocking malicious traffic based on policies and rules that must be applied judiciously to avoid dropping legitimate traffic. There are three types of inline deployments: Reverse Proxy, Router mode and Bridge Mode.

A Web Application Firewall or WAF can also be deployed “outline” which allows the Web Application Firewall or WAF to observe traffic from a monitoring port. This non-intrusive “passive” deployment option is ideal for testing the Web Application Firewall or WAF without impacting traffic, yet still enabling the Web Application Firewall or WAF to block malicious requests.

2. Performance, High Availability, and Reliability
Web Application Firewall or WAF play an essential role in maximizing throughput and ensuring the high availability of the application(s) they protect. Web Application Firewall or WAF capabilities should include features that address these factors directly:

  • Caching copies of regularly requested web content reduces repeated requests to back-end servers.
  • Hardware-based SSL acceleration speeds SSL processing and reduces the burden on back-end web servers.
  • Load balancing web requests across multiple back-end web servers optimizes performance.
  • Connection pooling reduces back-end server TCP overhead by allowing multiple requests to use the same back-end connection.

  • 3. PCI DSS Compliance
    The best Web Application Firewall or WAF can identify, isolate, and block sophisticated attacks without impacting legitimate application transactions. In addition, some Web Application Firewall or WAF offer PCI reporting, which determines if compliance regulations are being met, and if they are not, details the steps required to become compliant.

    4. Data Classification of Protected Applications
    Web Application Firewall or WAF solution needs to be able to understand the application and the data that it is protecting. If that data is encrypted, Web Application Firewall or WAF must be able to decrypt the information and then classify the data within the apps in order to provide additional protection. A strong Web Application Firewall or WAF can terminate SSL traffic, expose what is inside it, and make security decisions based on the encrypted data.

    5. Visibility and Reporting
    Reports provide visibility into attack and traffic trends, long-term data aggregation for forensics, acceleration of incident response, and identification of unanticipated threats before exposure occurs. Many Web Application Firewall or WAF also integrate with database security products to give administrators a real-time view into the operation of their websites, and provide reports on web-based attempts to gain access to sensitive data, subvert the database, or execute DoS attacks against the database.

    6. Automatic Attack Detection
    A strong Web Application Firewall or WAF extends bot-defense capabilities to deliver always-on protection—preventing automated layer 7 DDoS attacks, web scraping, and brute force attacks from ever materializing. This proactive approach to detection identifies more evasive bot sequences that may escape traditional detection methods, and identifies unauthorized, automated attacks upon the first attempt to access an application.

    7. Device ID and Fingerprinting
    Browser fingerprinting captures browser attributes in order to identify a client. This is a great way to identify or re-identify a visiting user, user agent, or device. This persistent identification of a client is important in that it allows tracking across sites. Attributes can be very revealing, enabling you to draw inferences about visitors, track users across origins, and share information, all to identify repeat offenders.

    Fingerprinting-based identification is not always reliable and may not work with all device or browser types. Check with your Web Application Firewall or WAF vendor for a list of supported devices/browsers, specific features supported, a list of attributes collected, and what information is reported (e.g., the number of cookies deleted, unique data found).

    8. SSL Offload
    SSL processing can put a strain on application resources. Offloading SSL computation to other network resources allows applications to dedicate important CPU resources to other processing tasks, which can improve performance. Web Application Firewall or WAF that support SSL offloading maximize the utilization of the applications they protect, eliminate the need to buy additional hardware, and increase the value of the Web Application Firewall or WAF itself. Make sure that the Web Application Firewall or WAF you’re considering can offload that processing work to keep everything running smoothly.

    9. Anti-Fraud Capabilities
    More advanced Web Application Firewall or WAF solutions integrate with web fraud detection services to simplify deployment, streamline reporting, and strengthen the overall application security posture by thwarting requests from validated fraudsters. These integrated services should enable organizations to rapidly respond to threats at the network and application level.

    Web Application Firewall or WAF should efficiently and accurately correlate application attacks—including web scraping, and DDoS, brute force attempts—with client-side attacks targeting end users. Moreover, a good Web Application Firewall or WAF should allow you to easily understand the full scope of the fraud threat across the network, application, and user

    10. Scalability and Performance
    Organizations need to ensure application availability, even when under attack. The best Web Application Firewall or WAF can help you dynamically boost performance with application optimization and acceleration technologies like fast caching, compression, SSL offloading, and TCP optimization. An enterprise-grade Web Application Firewall or WAF, with robust appliances and through centralized management, can easily scale to handle large volumes of traffic. In addition, cloud-based Web Application Firewall or WAF can be deployed on demand to achieve seamless and limitless scalability, resulting in better performance, faster response times, and cost efficiencies.

    Conclusion:
    A powerful Web Application Firewall or WAF solution enables organizations to protect against OWASP top 10 threats, application vulnerabilities, and zero-day attacks. With strong Layer 7 DDoS defenses, detection and mitigation techniques, virtual patching, and granular attack visibility thwart even the most sophisticated threats before they reach your servers. A good Web Application Firewall or WAF also enables compliance with key regulatory standards like HIPAA and PCI DSS.

    Enterprise Firewall Infographic banner

    Enterprise Firewall to Protect Entire Network

    August 26, 2016

    Firewall is a network security system, either hardware-based or software-based system that controls incoming and outgoing network traffic based on predetermined rules

    Fortinet – How Sandboxing Breaks The Cyber Attack Kill Chain

    May 15, 2016

    How Sandboxing Breaks The Cyber Attack Kill Chai

    Fortinet – IDC IT SECURITY MATURITY SCAPE

    May 15, 2016

    Fortinet, a security that prevent the catastrophic damage.

    0811-1237-916