TrafficShield® is a web application firewall that provides comprehensive,
proactive, network and application-layer protection from generalized and targeted
attacks by understanding the user interaction with the application firewall.
TrafficShield employs a positive security model ('deny all unless allowed')
to permit only valid and authorized application transactions, while automatically
protecting critical web applications from attacks such as Google hacking, cross-site
scripting, and parameter tampering.
Features and Benefits
- Comprehensive Web Application Security - Protects against entire classes
  of HTTP and HTTPS-based threats (both known and unknown) rather than
  guarding against a limited list of known attacks.
- Hardened Appliance Protection - Protects servers from attacks and ensures
  that only valid responses get through.
- Targeted Attack Protection - Protects scanners and other automated devices
  that can't defend themselves against targeted attacks because these attacks
  involve a malicious user seeking vulnerabilities unique to a particular
  session. TrafficShield detects and mitigates pattern-less exploits in
  real time, adding complementary protection to existing firewalls and
  Intrusion Detection Systems, which cannot efficiently address HTTP and
  HTTPS-borne threats.
- Random Attack Protection - Application layer packet inspection and behavioral
  logic protect against counterfeit application activity, providing precise
  attack mitigation and granular blocking against script kiddies, known
  worms and vulnerabilities, requests for restricted object and file types,
  and other known exploits.
- Security Policy Management - Automatically generates and enforces application
  security policies that are easy to manage, intuitive, and incredibly
  accurate.
- Comprehensive Network Security Services - Provides a secure reverse
  proxy, including SSL acceleration, termination, and re-encryption to
  web servers, key management and failover handling, and basic network
  firewalling capabilities.
- Web Server Protection - Hides your web infrastructure so that hackers
  can't tell what servers you're running. Strips out identifying operating
  system and web server information from message headers, conceals any
  HTTP error messages from users, and removes application error messages
  from pages sent to users while checking to make sure no server code leaks
  out onto web pages.
- VLAN support - Delivers maximum flexibility for easier deployments.
Total Protection
TrafficShield protects against application, infrastructure, and network
threats such as:
- SQL Injection
- Cross-Site Scripting
- Command Injection
- Cookie/Session Poisoning
- Buffer Overflow
- Parameter/Form Tampering
- Google Hacking (Forceful Browsing)
- Error Message Interception
- Application Platform Exploits
- Zero Day Attacks
Based On The Powerful TMOS Architecture
Integrated with F5's powerful TMOS operating system, TrafficShield
can now leverage many of the pre-existing capabilities
of TMOS, including:
- SSL Acceleration - SSL key exchanges, certificate management and AES
  encryption are processed through the TMOS architecture while extending
  the capability of TrafficShield.
- iRules - A scripting language that gives IT professionals unparalleled
  application awareness and network control.
- Network Administration - TMOS enables TrafficShield to configure and manage
  network level functionality such as VLANs, failover and routing.
- Client Authentication - LDAP, RADIUS, TACACS+, Client Certificate-based
  LDAP and OCSP authentication profile types are now supported on
  TrafficShield.
- Packet Filtering - Enables TrafficShield to identify and filter traffic at
  the packet level, providing exhaustive security at both the network and
  application layers.
- TCP Stack Optimization - With TrafficShield on TMOS, end users can also
  enjoy the advantages of F5's highly optimized TCP stack, reducing the
  effects of chattiness, congestion, and packet loss recovery.
Positive Security Protects Against Targeted Attacks
Scanners and other automated devices can't defend against targeted attacks
because these attacks involve a malicious user seeking vulnerabilities
unique to a particular application. Only an application-specific security
policy can protect against this type of threat.
TrafficShield's purpose-built hardware and patent-pending software detect
and mitigate patternless exploits in real time, adding accurate,
complementary protection to existing firewalls and Intrusion Detection
Systems (IDS), which cannot address HTTP and HTTPS-borne threats efficiently.
Comprehensive Network Security Services
TrafficShield provides a secure reverse proxy, including SSL acceleration,
termination and re-encryption to web servers, key management and failover
handling, and basic network firewalling capabilities.
Web Server Protection (Cloaking)
TrafficShield hides your web infrastructure so that hackers can't tell
what servers you're running. It strips out identifying OS and web server
information from message headers, conceals any HTTP error messages
from users and removes application error messages from pages sent to
users, and checks to make sure no server code leaks out onto web pages.
F5 Application Traffic Management
TrafficShield is complementary to F5's FirePass SSL VPN Remote Access
and BIG-IP Traffic Management product lines. As FirePass secures user-to-application
access, the TrafficShield product ensures that only valid traffic reaches
the application. Combine with F5's BIG-IP for a powerful, holistic
approach to the secure and optimized delivery of your applications.
Flexible Deployment Options
TrafficShield can be deployed in a variety of security postures depending
on customer needs. A standard implementation can take less than a day
and provides protection against the most common application attacks.
Our optional 'Advanced Policy Customization' module allows customers
to fully tailor their policy as required, providing the most granular
protection in the industry.
iControl®
F5's products include an open API called iControl, a
standards-based language that allows F5 products to communicate
with each other, and with other network
devices and applications. iControl permits the creation of an "application-aware" network,
where applications are able to anticipate, react and adjust to varying network
conditions, automatically. By allowing this communication, it becomes possible
to eliminate manual intervention between the application and the traffic management
devices. Instead of wasting the technical staff's valuable time on day-to-day
tasks like server maintenance, organisations can automate activities that until
now required human intervention.