The July 2018 hack of the presidential website could perhaps have been prevented if stronger security measures, including web application firewalls (WAF), had been implemented. This is the opinion of Simon McCullough, major channel account manager at F5 Networks, which specialises in application delivery networking technology for the delivery of web applications, and the security, performance, availability of servers, data storage devices and other network and cloud resources.
McCullough notes that while web application firewalls are used to mitigate application layer attacks, they have now evolved even further into the realm of Advanced WAF, in order to keep up with the progressive capabilities and agility of attackers.
He explains: “A WAF filters, monitors and blocks HTTP traffic to and from a web application, and is different from a regular firewall, which serves as a safety gate between servers, in that a WAF is able to filter the content of specific web applications. A recent F5 white paper clarifies why organisations need a WAF, noting that enterprises today are extending their businesses by using web-based and cloud-hosted applications. Therefore, having a robust and agile WAF in place to protect from security threats has become a necessity rather than a luxury.
“Attacks on these web- and cloud-based applications are becoming increasingly sophisticated and frequent, threatening enterprises’ critical data and operations. For example, the July 2018 hacking of the presidential website, was not the first time that the website was compromised. It was also taken down in August 2017, showcasing the lengths that hackers will go to and the urgency of taking the most advanced steps possible to prevent such attacks on all fronts.”
According to the white paper, a customer needs to take multiple steps when planning and delivering a WAF service implementation project, including:
· Building the most appropriate WAF strategy and having it approved by all internal stakeholders;
· Using the WAF product to implement the correct set of policies and parameters;
· Devising the WAF service deployment; and
· Planning for the day-to-day service operations and lifecycle management in production.
Challenges in implementing these steps include the fact that corporate and business security requirements do not always take into consideration technical, operational and resource constraints; and difficulties in achieving the balance between the application availability required by business owners, and the level of protection required by the security team. Therefore, to assist in these issues, F5 Professional Services customises solutions for the organisation’s unique environment, through the BIG-IP Advanced WAF Launchpad service.
This offering was created for customers who have bought and sometimes even provisioned the Advanced WAF BIG-IP module, but have not yet deployed an effective WAF service. The Advanced WAF Launchpad service provides the benefit of F5 Professional Services expertise and experience to help customers overcome specific use-case problems and engage in a successful Advanced WAF implementation project.
The service involves collaboration between a security expert from F5 Professional Services and the customer’s security, infrastructure, network, and application management teams. The two-fold objective of the service is to develop a fit-for-purpose Advanced WAF policy implementation strategy using F5 best practices, and to transfer know-how and expertise that can be directly put into practice by the customer.
Anton Jacobsz, managing director at Networks Unlimited Africa, a value-added distributor of F5 in Africa, concludes: “F5 continues to go from strength to strength in the WAF space. As the white paper notes, making the appropriate decisions for a WAF deployment that best meet business objectives can be challenging, as the need for time and resources can compete with the need for adequate know-how and confidence in using the selected product. Therefore, live support from a skilled consultant is a trusted methodology for getting a WAF service deployment on track, and helping Advanced WAF owners to make efficient decisions.”
F5’s recently released Advanced Web Application Firewall solution for comprehensive application protection uses advanced analytics and machine learning. The focus on automated threats in its approach offers superior protection against credential theft and abuse by using keystroke encryptions to guard against keyloggers, as well as layer 7 DDoS detection using machine learning and behavioural analytics. It is also the only WAF with comprehensive mitigation of web and mobile bot threats.
F5 makes apps operate faster, smarter, and safer for the world’s largest businesses, service providers, governments, and consumer brands. F5 delivers cloud and security solutions that enable organisations to embrace the application infrastructure they choose without sacrificing speed and control.