BIG‑IP Application Security Manager PRODUCT OVERVIEW “F5 has really helped us become more aggressive in tuning our devices for our security needs, and as a result, [the device] does a much better job of blocking bad traffic while allowing valid traffic.” Stuart Lyons, Security Engineer, Human Kinetics Defend Against Attacks and Achieve Regulatory Compliance Key benefits · Ensure application availability by stopping · Get out-of-the-box application security · Deploy flexibly for virtualized and private · Reduce the cost of security compliance · Improve application security and performance · Increase agility hackers and attacks policies with minimal configuration cloud environments As more application traffic moves over the web, sensitive data is exposed to potential theft, security vulnerabilities, and multi-layer attacks Protect your organization and its reputation by maintaining the confidentiality, availability, and performance of the applications that are critical to your business F5 BIG-IP® Application Security Manager™ (ASM) is a flexible web application firewall that secures web applications in traditional, virtual, and private cloud environments BIG-IP ASM provides unmatched application and website protection, a complete attack expert system, and compliance for key regulatory mandates—all on a platform that consolidates application delivery with network and application access and optimization Deliver comprehensive security BIG‑IP ASM patches web application vulnerabilities in minutes to protect from a broad spectrum of threats, including the latest (D)DoS and SQL injection attacks It also secures the latest interactive web applications such as JSON payloads and AJAX widgets A complete attack expert system provides on-the-spot attack details, staging of new policies for testing, and quick administrator notification BIG-IP ASM stops hackers and attacks and ensures legitimate users can access applications Achieve compliance cost-effectively Advanced, built-in security protection and remote auditing help your organization comply with industry security standards, including PCI DSS, HIPAA, Basel II, and SOX, in a cost-effective way—without requiring multiple appliances, application changes, or rewrites Detailed PCI reporting determines if PCI DSS compliance is being met and provides steps required to become compliant if not Get out-of-the-box protection Equipped with a set of pre-built and certified application security policies, BIG‑IP ASM gives you out-of-the box protection for common applications such as Microsoft Outlook Web Access, Lotus Domino Mail Server, Oracle E-Business Financials, and Microsoft Office SharePoint A rapid deployment policy secures any internal or third-party application Improve performance Unlike many other security solutions, with BIG‑IP ASM you don’t have to choose between security and performance The F5 TMOS® architecture provides significant BIG‑IP ASM features performance advantages, including SSL offload, caching, compression, TCP optimization, and more BIG-IP ® Local Traffic Manager ™ integration enables protection from (D)DoS and other network attacks And because BIG‑IP ASM works on the same platform with other BIG‑IP ® modules, you can benefit from centralized access control and even greater performance improvements Deploy flexibly and increase business agility BIG-IP ASM Virtual Edition deploys in flexible environments, protecting your virtual and private cloud applications By automatically building and managing security policies around newly discovered vulnerabilities, BIG-IP ASM deploys fast, agile business processes to secure your applications against constantly changing threats Learn more about BIG‑IP ASM · PCI reporting · iRules · Integrated XML firewall · TCP/IP optimization · DataGuard™ and cloaking · L7 Rate Shaping™ · Live update for attack signatures · Isolated resource allocation (vCMP) Datasheets · Web scraping protection · iApp™ for pre-configured policies · Web services encryption/decryption · Application visibility and reporting BIG‑IP ® Application Security Manager ™ For more information about BIG‑IP ASM, use the search function on f5.com to find these resources ·A  pplication policy templates BIG‑IP ® Add-On Modules · Comprehensive attack protection White papers · BIG‑IP modules layering · Cross-site request forgery · iRules® and Fast Cache integrations · Layer (D)DoS Intelligent Layer DoS and Brute Force Protection for Web Applications · WhiteHat Sentinel integration · Cross-site scripting · BIG-IP ASM Virtual Edition (VE) · SQL injection · Application security in the private cloud · Parameter and HPP tampering Case study · Metrics on the BIG-IP Dashboard · Session highjacking · ICAP support for SMTP and SOAP files Application and Data Security with F5 BIG-IP ASM and Oracle Database Firewall · Cookie manipulation Human Kinetics Boosts Website Performance, Security, and Innovation with F5 Solution · F5 TMOS architecture · Forceful browsing Article · SSL offload · XML bombs/DoS SC Magazine, 2010 Reader Trust Award for Best Web Application Security · Caching and compression F5 Networks, Inc 401 Elliott Avenue West, Seattle, WA 98119 F5 Networks, Inc Corporate Headquarters info@f5.com F5 Networks Asia-Pacific apacinfo@f5.com 888-882-4447 F5 Networks Ltd Europe/Middle-East/Africa emeainfo@f5.com www.f5.com F5 Networks Japan K.K f5j-info@f5.com ©2011 F5 Networks, Inc All rights reserved F5, F5 Networks, the F5 logo, and IT agility Your way., are trademarks of F5 Networks, Inc in the U.S and in certain other countries Other F5 trademarks are identified at f5.com Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5 CS04-00016 0711 ... policies · Web services encryption/decryption · Application visibility and reporting BIG IP ® Application Security Manager ™ For more information about BIG IP ASM, use the search function on f5.com... · Metrics on the BIG- IP Dashboard · Session highjacking · ICAP support for SMTP and SOAP files Application and Data Security with F5 BIG- IP ASM and Oracle Database Firewall · Cookie manipulation Human... Brute Force Protection for Web Applications · WhiteHat Sentinel integration · Cross-site scripting · BIG- IP ASM Virtual Edition (VE) · SQL injection · Application security in the private cloud