security
There are 53 entries for the tag security
#virtualization #vdi Scaling VMware View from hundreds to thousands of devices can strain the network and data center connectivity. Additionally, if poor performance hinders access to virtual desktops, end-user productivity will suffer. F5 BIG-IP LTM and BIG-IP GTM Application Delivery Controllers support redundant tiers of infrastructure within and across data centers, for maximum availability. In addition, the patented, unified F5 TMOS product platform provides tremendous scalability -- from thousands to millions of transactions per second. F5 can help by making VMware View secure, fast, scalable, and available. More information about F5's solution for VMware View can be found...
Human Kinetics publishes and sells print, online, and multimedia materials related to kinesiology. It hosts its own e-commerce website and nearly 40 other educational and storefront sites, which together get about half a million unique visits per month. A year after its deployment, HK's third-party network solution had become unstable, was inflexible and difficult to support, and impaired performance. HK replaced the solution with F5 BIG-IP Local Traffic Manager and BIG-IP Application Security Manager. Human Kinetics - F5 Case Study More resources: Human Kinetics ...
Blue Cross Blue Shield of Kansas City (BCBSKC) is the area's largest health benefits provider. As a prominent local healthcare provider with a strong reputation for quality, BCBSKC recognized the need to ensure high availability and strong security for their website, which typically receives more than 30,000 hits a day. By using F5 solutions, Blue Cross Blue Shield dramatically improved page load times, supercharged their application performance, improved their scalability to meet future growth challenges, and effectively locked down their data to meet the rigorous compliance goals mandated by the Health Insurance Portability and Accountability Act (HIPAA). ...
#mobile #IPv6 Mobile devices. Plants. Cars. Cows. It’s time to get serious about that move to IPv6. Until recently the motivation for migrating from IPv4 to IPv6 has been, well, less than urgent. If consumerization hasn’t been enough of an impetus to get you seriously thinking about migration, maybe the reality that even cows are now being Internet-enabled might. (Check out the infographic linked below for the story) There has been some contention about the number of connected things and by when. Cisco's prediction of 50 billion devices by 2020 matches Ericsson CEO Hans Vestberg's...
#infosec #adcfw #LOIC Did you rush out to check if a site was really taken down? If you did, you may have unintentionally helped The focus on Anonymous’ self-described retributive attacks on a variety of sites last night has been on its use of LOIC – Low Orbit Ion Cannon – as a means to achieve maximum effect with minimal resources. It’s a connection-based attack, pure and simple. A DDoS at the application layer, which makes it nearly impossible to detect, let alone stop. The tool isn’t really anything special in execution. Its ability...
#infosec #F5 and #Oracle have partnered together to deliver a unique integration Many organizations rely on Web applications powered by Oracle databases to run their missions critical business applications. The requirement to protect both the Web tier and the Database tier from unauthorized access, malicious attacks, and SQL Injection is more important than ever. F5 Networks and Oracle have partnered together to deliver a unique integration of the F5 Application Security Manager web application firewall with the Oracle Database Firewall. This recorded demo is designed to show the benefits of enhanced reporting, better security, and a defense in depth...
“F5 delivers the performance that citizens want and the security we need.” -- Ivo Tuytens, IT Security Manager, RVP Customer: RVP Vertical: Government F5 Solution: BIG-IP Local Traffic Manager / BIG-IP Application Security Manager Summary: The Rijksdienst voor Pensioenen (RVP) is the government agency that handles pension information for the citizens of Belgium. When RVP it decided to make pension data accessible over the Internet to all employed people and pensioners in the country, it had two key concerns. First, it had...
#infosec #fasterapp This video sets the stage for IT having to manage multiple networking challenges when faced with a natural disaster causing their data center to shut down. With careful planning, the evolution of the network and application delivery allows the single point of control to automate, provision and secure their virtual and cloud environments. The F5 Dynamic Data Center Resources F5 Security Vignette: Proactive Security F5 Security Vignette: DNSSEC Wrapping F5 Security Vignette: Hacktivism Attack ...
#infosec #cybersecurity Security is a never ending battle. The bad guys advance, we counter, they cross over ... you're just never done. To give our side an edge we do a lot of research. If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. F5 Security Vignette: iHealth Related: F5 Security Vignette: Proactive...
#infosec If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. When we hear about an Apache vulnerability, it gets our attention. In this case the issue was the way Apache handles HTTP RANGE headers, which are used to request individual sub-ranges of a given response, instead of the entire response. The problem is that responding to an HTTP RANGE request...
The consequences of exposing hundreds of thousands of customer credit card numbers is unthinkable. Fines, lawsuits, damaged brand -- the effects can be catastrophic. Even if it was accidental, the effect would be the same. If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. F5 Security Vignette: Credit Card iRule Related: F5 Security...
The premise of the SSL Renegotiation DOS attack is simple: "An SSL/TLS handshake requires at least 10 times more processing power on the server than on the client". If a client machine and server machine were equal in RSA processing power, the client could overwhelm the server by sending ten times as many SSL handshake requests as the server could service. The counter measure against the attacks was to write an iRule to limit renegotiation requests to 5 per minute per session. If we were going to sum up the role of security in corporate IT today we'd...
If we were going to sum up the role of security in corporate IT today we'd have to say it's to "be prepared." This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. The F5 Security Vignette series looks at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. F5 Security Vignette: Hacktivism Attack Related Resources: F5 Security Vignette: Proactive Security F5 Security Vignette: DNSSEC Wrapping...
Answer: All the time #infosec Despite the fact that web application firewall (WAF) solutions have been around for quite a number of years, there still seems to be confusion around what it is they do. In particular, there’s a troubling trend that tries to compare WAF with IPS (Intrusion Prevention Systems). This is essentially the same as trying to shove a square peg into a round hole. Or, if you prefer, viewing everything as a nail because all you have is a hammer. While it is true that IPS technology is increasingly looking up...
The dirty little secret of the Internet is how insecure DNS really is. The good news is, there's a solution -- DNSSEC. It secures the DNS query and response process. The F5 Security Vignette series looks at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. F5 DNSSEC Wrapping Resources: F5 Security Vignette: Proactive Security F5 YouTube Channel Latest F5 Information F5 News Articles ...
#infosec Security is such a small word considering the breadth of concerns it must address. Welcome to the F5 Security Vignette series, in which we’ll look at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. If we were going to sum up the role of security in corporate IT today we’d have to say it’s to “be prepared.” This series looks at many of those security concerns which can be addressed proactively, before they are exploited or become a fire drill. This video covers SSL Certificates....
“BIG-IP LTM does exactly what we need it to do…I highly recommend #F5.” -- George Pagaremos, IT Manager, Greek Yellow Pages Customer: Greek Yellow Pages Vertical: eCommerce F5 Solution: BIG-IP Local Traffic Manager (LTM) Summary: Every year, millions of people turn to Greek Yellow Pages to look up information, and they expect to find answers almost instantly. The company consequently has to ensure that its website provides exceptionally fast performance. At the same time, Greek...
F5 BIG-IP ASM earns a five-star rating from SC Magazine Every day seems to bring word of a new threat vector, many of which are simply new twists on old attack techniques. Still others are exploiting the trust relationship between client and application, while yet another avenue takes the tried and true network-based approach to attacking sites. A comprehensive security strategy is necessary to combat the increasing frequency of attacks as well as the broadening spectrum of techniques used that span the entire network and application stack. Whether in the data center...
#infosec A look at common security headaches plaguing IT. This week – SSL certificates. The F5 Security Vignette series looks at various security concerns, vulnerabilities and attacks which can cause headaches for Corporate IT and the business integrity overall. This video covers SSL Certificates. Connect with F5: ...
#v11 Carrier-grade DNS is critical to supporting the growth and stability of large-scale carrier infrastructure.
Remember little Oliver in Charles’ Dickens’ “Oliver Twist”? More specifically, recall his famous early line in the orphanage, “I’d like some more, please.” Now imagine millions of Oliver Twists around the globe asking of carriers, “I’d like some more, please.” Only they aren’t interested in breakfast, they want bandwidth and services and speed and stability.
Carrier networks are the first to feel the strain under the increasing burden of more and more mobile devices and users consume more and more multimedia resources. Video, audio, games,...
#v11 SlowLoris? DDoS? HTTP flood? We’ve got your back … and your front. Whether critical applications live in the cloud, in the data center, or in both, organizations need a strategic point of control for application security. F5 BIG-IP Application Security Manager (ASM) provides the security, intelligence, and performance that today's dynamic infrastructure demands. F5 BIG-IP ASM version 11 is cloud-ready, offering flexible deployment and cloud security for virtualized applications, including the ability to sync policies among BIG-IP ASM cluster members. BIG-IP ASM also has the deepest vulnerability assessment integration, which gives organizations the most comprehensive vulnerability...
BEAST continues to follow the trend of exploiting protocol behavioral flaws The Internets are a buzz with the latest SSL/TLS exploit known as BEAST (Browser Exploit Against SSL/TLS). BEAST appears to be a combination of man-in-the-middle and CSRF (Cross-Site Request Forgery) attacks that could result in the theft of protected data stored in encrypted cookies, such as login or account information exchanged with sites through which payments and other privacy-sensitive transactions are made. Some of the reaction to BEAST has been hyper-inflated. The exploit requires fairly elaborate CSRF before the SSL/TLS vulnerability can even...
#infosec Scaling security
This is a guest post from Garret Grajek is CTO and a co-founder of SecureAuth and is reposted with permission. The original post can be found here: F5 APM/SecureAuth – “The” Way to Deploy/Secure Large Scale Web/SaaS Apps
“I.T.” is a wonderful thing, when it’s allowed to be…
What I mean by that – it I.T. really the bastion of the “right idea”. The right idea will eventually win in I.T. – it’s never a guarantee who will capitalize on the idea, or who will even be the dominant purveyor of the “idea” – but regardless the right...
#v11 DNS: Critical to availability and performance, susceptible to attack. DNS is one of the key elements in the network that delivers content and applications to the user. However, DNS also manages a distributed and redundant architecture to ensure high availability and quality user response time. Due to the crucial role it plays in a network, DNS is also a high-value security target. Security attacks can flood DNS servers to the point of failure. To prevent this, a high-performing, secure DNS architecture and DNS offload capabilities must be integrated into the network. DNS Express manages authoritative...
For the sixth consecutive year, Information Security readers voted to determine the best security products. F5 BIG-IP Edge Gateway was named a “Gold Winner” in TechTarget’s 2011 Readers’ Choice Awards in the Best Secure Remote Access Product category. BIG-IP Edge Gateway combines the capabilities of BIG-IP Access Policy Manager, BIG-IP WebAccelerator, and BIG-IP WAN Optimization Manager as a standalone appliance. BIG-IP Edge Gateway provides secure remote access, web access management, web and WAN acceleration and optimization in a single, easy to manage device. With the increasing number of mobile devices used by both employees and customers...
Building #F5 solutions into its core architecture enabled a scalable, secure platform for SaaS provider SingularLogic. Vertical: IT Services Location: Greece F5 Solutions: BIG-IP Local Traffic Manager (LTM), BIG-IP Application Security Manager (ASM), BIG-IP Link Controller (LC), iRules BUSINESS CHALLENGE SingularLogic provides applications for enterprise resource planning (ERP), customer relationship management (CRM), accountancy, finance, and hospital. It can’t afford to skimp on security to gain the scalability and performance required to successfully deliver software as a service. With 40,000 customers, SingularLogic is the leading software and integrated IT...
#v11 #infosec Few operating environments are as security-strict as found in government agencies. BIG-IP v11 provides capabilities necessary to improve security and efficiency in those environments. Both government agencies and public sector organizations are embattled with attackers leveraging increasingly complex attacks. Government agencies saw a 39 percent growth in cyber incidents in 2010 (Federal Cyber Incidents Rose 39% in 2010, Government Information Security News, March 24, 2011), a 445 percent increase in cyber attacks since 2006 (Government IT contractors remain optimistic about future, Homeland Security Newswire, January 12, 2011). And in recent years, government agencies and public sector...
#v11 #F5agility The next generation of infrastructure from F5 is ready and ABLE to meet the challenge Today F5 has introduced the next generation of its application delivery infrastructure, v11. This new generation of BIG-IP is ready to meet the challenges arising from a variety of external forces driving IT toward a dynamic data center by being more able – manageable, scalable and mitigating preventable attacks while being more adaptable than ever. One of the hallmarks of an F5 infrastructure solution is that it offers the ability to take advantage of contextual intelligence at...
#v11 Preventable Massive DDoS Attack Hit DNS Root Servers - www.esecurityplanet.com Oct 23, 2002 – The 'ping-flooding' attack interrupted Web traffic on nine of the 13 DNS root servers but experts dismissed the overall threat as 'minimal.' DNS DDoS Attack Takes Down China Internet | Darknet - The Darkside May 22, 2009 – The latest news is a few million Chinese Internet users had trouble accessing any websites yesterday due to a DDoS attack on the DNS system ... Major DNS DOS attack Posted (April 8th, 2007 at 1:29...
#v11 Preventable attacks Today’s malware and other penetration techniques are custom-made, can adapt, and can cover the tracks of those seeking the information. An assault may start at the network level with DNS, ICMP, or SYN flood attacks, then move to the application with layer 7 DoS, SQL injection, or cross-site scripts (XSS); once the system is compromised, the attacker goes after the data. Attackers also often leave “back doors” so they can easily come and go before being detected. Many organizations do a decent job of securing their infrastructure components, but are challenged when...
World #IPv6 Day may shape up to be a test of not only IPv6 support, but of security as well Tomorrow, June 8, is World IPv6 Day, when hundreds of participants will be – in the tradition of “live demos” – performing a full scale test of IPv6 interoperability with one another, with core Internet infrastructure and with any IPv6-enabled endpoint (that’s possibly you, by the way). Because of the nature of what’s being tested (it is called Internet Protocol v6, after all) it apparently may not be only a test of interoperability but also a...
#50waystousebigip Everyone knows the BIG-IP system does great load balancing, right? Right. But there’s a ton of other things it’s great at. This week we look at architecture . ARCHITECTURE Architecture is not something one often considers as a “feature” of data center...
#50waystousebigip Everyone knows the BIG-IP system does great load balancing, right? Right. But there’s a ton of other things it’s great at. This week we look at security. 50 Ways to Use Your BIG-IP System - Security View more presentations from F5 Networks FIND OUT MORE How do you use your BIG-IP system? We want to know, so tell us about it. If you’re one of the first 100 to share your story you’ll get an awesome cool t-shirt. If you’re one of the Top 4 stories...
#msteched Your unified communications infrastructure is strategic, shouldn’t the infrastructure supporting it also be strategic? Everyone is gearing up for Tech•Ed North America 2011 (May 16-19, Atlanta) and F5 is no exception. We’ll be exhibiting at the show (Booth # 1509) as well as hoping to take home top honors in the Best of Tech•Ed 2011 awards in the networking category. F5 was honored to be named a finalist in the Networking category by Penton Media’s Windows IT Pro, SQL Server Magazine, DevProConnections and SharePointPro. F5’s long-term partnership with Microsoft...
#50waystousebigip Everyone knows the BIG-IP system does great load balancing, right? Right. But there’s a ton of other things it’s great at. This week we look at security. SECURITY Security is one of the three core operational risks. Failure to maintain security means failure...
The signing of dot com will enable 100 million domains to deploy DNSSEC MARCH 31, 2011 (THE INTERNETS) In what has been many long years coming since the finalization of the DNSSEC specification circa 2004/2005, the rollout of the signed .COM top level domain (TLD) should, based on the projected schedule and the fact that there’s only one day left in March, happen tomorrow. This event is expected to trigger widespread DNSSEC deployments around the world as organizations hope to leverage the enhanced security mechanism to assure the accuracy of DNS data. .COM is the last...
IT security professionals view “hacktivism” as simply an extension of current threats and highlight the importance of network and application security ...
F5 BIG-IP LTM and ASM Customer Success Story Customer: Human Kinetics Vertical: Publishing and e-Commerce F5 Solution: BIG-IP LTM BIG-IP ASM Partner: CDW The improvement in functionality, performance, security, and support with F5 has been outstanding. It’s difficult to compare the improvement because it’s just done so much for us.” - Brad Trankina, Director of Network and Information Systems, Human Kinetics Business Challenge: Illinois-based Human Kinetics (HK)...
If you’ve got a BIG-IP you can ease their concerns in about 3.5 seconds*. The big security news this week has been all about Firesheep and the insecure nature of social networking sites – Facebook, Twitter, MySpace, yada, yada. The problem is, to get to the point, that many sites (not just the big names, mind you) only leverage SSL during the exchange of credentials. You know, the login page. Everything else – including cookies – are exchanged in the clear and easily sniffed out on a public WiFi connection. Or your corporate...
Customer: Bezeq International Vertical: Telecommunications F5 Solution: BIG-IP ASM Bezeq International’s prime security concerns are around data integrity and compliance with the regulations that surround data integrity. BIG-IP ASM delivers on both counts.” - Ami Hoffman, Information Security Director. Bezeq International Business Challenge: Bezeq International is an ISP and hosting provider with more than 1 million customers, ranging from small businesses to large...
Peter Silva of F5 sits down with IOActive's Dan Kaminsky at RSA 2010. In this extremely informative and lively discussion, the Domain Name System is the topic. DNS infrastructure, DNS vulnerabilities including DNS Cache Poisoning, DNSSEC and what's happened since the discovery of the flaw are all discussed. In 3-10 minute segments. Dan Kaminsky Interview, Part 1: Dan Kaminsky Interview, Part 2: Dan Kaminsky Interview, Part 3: ...
When F5 recently announced the Access Policy Manager (APM) one of the exciting elements was the ability to add access control and single-sign-on (SSO) capabilities to existing application delivery controllers. This allows customers to simplify their application deployments and provides a significant cost savings. Of course, releasing a new product offering that promises amazing new capabilities and enormous cost savings is something that anyone can do. Once the customer has it, it is often left up to them to figure out how to integrate it into their environment—a task which often decreases the value of the...
The majority of DNS infrastructures are vulnerable today. More and more customers are looking for a way, and allocating larger budgets, to protect and secure their DNS Infrastructures. Recently there have been several high profile attacks on the DNS systems. F5 and Infoblox together are uniquely positioned to solve these problems and secure the DNS infrastructures. Every organization should be thinking about the security and scalability of their DNS infrastructure. The combination of F5’s and Infoblox’s appliances provide enterprise customers an opportunity to build authoritative DNS infrastructure without giving up either global server load...
A recent article asserts with its title that “95% of email is spam.” The article backs up its title with information gleaned from a recent study conducted by the European Network and Information Security Agency (ENISA) on the subject of spam: The European Network and Information Security Agency (ENISA) released its new spam report which looks at spam budgets, impact of spam and spam management. The survey targeted email service providers of different types and sizes, and received replies from 100 respondents from 30 different countries, throughout the EU (26/27...
Microsoft Forefront Unified Access Gateway (UAG) is the evolution of Microsoft’s Intelligent Application Gateway (IAG 2007). Forefront UAG is a secure remote access solution focusing on applying application intelligence and granular access control across applications to enable easy management of access to enterprise applications by mobile and remote employees and partners. Forefront UAG provides centralized management and policy control across all users, devices, and network resources. Scaling solutions such as Forefront UAG is often challenging because of the unique requirements raised by such solutions, such as routing server generated connections in situations where the client has a...
On Monday, November 16th, F5 announced a partnership and OEM agreement with Quova, Inc, providers of IP geolocation data. IP geolocation is technology that allows physical location information to be extrapolated from an end-user’s IP address. For example, geolocation data can be used to identify if a user is accessing a website from North America. Where Quova technology differs from standard geolocation data is the granularity of information they provide. One of the challenges of using geolocation is the accuracy of the information and the ability to use that information to reliable make network and application decisions. Not only...
DNS is insecure. Rogue DNS servers can impersonate real ones and compromise your infrastructure. DNSSEC addresses this particular flaw, but the complexity of the solution has been hampering adoption, leaving hundreds of thousands of DNS servers vulnerable. While DNS has many known security flaws, most have been solved with configuration changes and best practices. However, recent, more serious exploits have drawn greater attention and have prompted the Office of Management and Budget (OMB) to mandate all federal agencies deploy DNSSEC by the end of 2009. DNSSEC deployment has so far been hindered by the complexity of available solutions,...
RelayHealth provides a Software-as-a-Service (SaaS) platform designed to facilitate the exchange of information between pharmacies, hospitals and health systems, payors, physicians, and patients. It operates pharmacy data centers in Atlanta and Sacramento, and employs hundreds of physical and virtual servers in a heterogeneous operating system environment to support the approximately 11 billion retail pharmacy financial and clinical transactions it processes per year. Security, availability, and responsive applications are paramount to its business and to the customers it ultimately serves. F5 handles routing of application traffic to both its data centers, and using advanced features in BIG-IP LTM, such...
Press release: Secerno Teams up with F5 Networks to Offer Superior Application and Database Security Offer enterprises comprehensive application security and traffic monitoring at both the web and database tier to identify attacks and optimise application functionality Oxford, United Kingdom, November 18, 2008 – Secerno, the technology leader in data security, today announced a partnership with F5 Networks, Inc. (NASDAQ: FFIV), the global leader in Application Delivery Networking, to offer enterprises comprehensive application security and traffic monitoring at both the web and database tier to identify attacks and optimise application functionality. Secerno DataWall™ interoperability with F5’s BIG-IP...
