Attackers are always developing newer, smarter ways to get past security measures, making the compromise of corporate and client data an ongoing concern. In 2014, over a billion personal and sensitive records were compromised—that’s around 3 million per day1. One of the most common points of attack is through your web application, using tactics like SQL injection and session token abuse. So how do you guard against these types of attacks when your applications are deployed across the public cloud, private data center, or mix of environments?
By implementing a Web Application Firewall (WAF), you can counter attacks against your web applications, whether they’re hosted on-site or in the cloud. A WAF monitors HTTP requests and responses at the application layer. By evaluating the traffic in the context of individual user sessions, a WAF can detect and block application-layer attacks that often slip past other defenses.
A WAF also reduces downtime by allowing you to protect and virtually patch applications while the code is being fixed. Advanced systems, such as BIG-IP Application Security manager (ASM), also protect against screen scraping and layer 7 Denial of Service (DoS) attacks, while promoting Data Loss Prevention (DLP).
As your need for agility pushes your applications from the data center to the cloud and Infrastructure as a Service (IaaS) solutions, like Amazon Web Services (AWS), it’s vital that additional security measures such as WAFs migrate with your applications.
We paired F5 with AWS to build a solution that not only met the web team’s agility needs, but also fulfilled our corporate security requirements.
BIG-IP ASM is available as a Virtual Edition through the AWS Marketplace. It’s the same software available for on-premise deployment, designed to protect your AWS applications. The same settings, configurations, tools, skills and monitoring systems span environments, lowering your operational costs and improving quality.
Pay as you go gives you more flexibility and helps you reduce your overall consumption requirements without sacrificing performance or acceleration.
Annual subscriptions or Bring-Your-Own-License (BYOL) are more predictable and cost-effective options for workloads with steady-state traffic.
Volume Licensing Subscriptions (VLS) provide a cost-efficient way to purchase licenses in 1- or 3-year subscriptions.