1. F5 Adds Solutions for Oracle Database

2. Announcement Highlights, February 14
F5 adds to its portfolio of solutions for Oracle Database
New solution combines F5 BIG-IP Application Security Manager with Oracle Database Firewall
Solution provides:
Strong protection against SQL injection attacks around the web application and database
Audit data to correlate security events reported by the web application firewall and database firewall
Logs user information for attacks and out-of-policy behavior
3. Application Trends and Drivers
Webification of applications
Intelligent browsers and applications
Increasing regulatory requirements (PCI)
Untargeted attacks BOTs
Targeted attacks (D)DoS
Public awareness of breach attempts and data security
Tough economy = constrained resources and budgets cuts increased security risks; reduced compliance
4. Web applications are at risk
SANS report
Focused on patching Operating Systems
80% of vulnerabilities are in web apps
60% of the attack vectors are web based
Reports from 7Safe and Web Hacking Incidents Database stat that 60% of all breach incidents examined involved SQL injection
5. F5 and Oracle Solutionsare Engineered to WorkTogether
6. F5 and Oracle Solutions areEngineered to Work Together
7. F5 BIG-IP Application Security Manager
Provides comprehensive protection of all web application vulnerabilities
Logs and reports all application traffic and attacks
Enables Layer 2 through Layer 7 protection
Learning and Blocking Modes
Web attack types
SQL Injection
8. Oracle Database Firewall
Real-time database activity monitoring and blocking
Responds to each type of threat via either logging, monitoring, alerting, blocking, or substituting
Deployed out-of-band or in-band with heterogeneous database environments
Available as a virtual appliance
9. F5 and Oracle Integrated Solution
Monitor and block traffic at the web and database layers
Application sessions tracked from client, to web, to database, and back
When anomalies are detected by ASM, they are logged by both ASM and Oracle DBFW
ASM provides user and web context of the attack enabling complete visibility of attack from source IP address, through HTTP page and session to SQL transaction.
DBFW can analyze the full SQL transaction to see if the query is out of policy, rather than just a fragment.
Ensures that administrators are always able to get consistent, correlated application monitoring data
Web tier attacks are blocked by ASM
Undetected attacks that get to the database are blocked by DBFW
10. www.acme.com?id=%27+OR+1%3D1+-
How Does it Work?
ASM Event
User Identity
External Users
Administrators
APPLICATIONS
Internal
Users
NETWORK
DATABASES
Integrated Log
DBFW Management Server
Correlated Syslog Event
SIEM
Web Application traffic is secured with ASM,
Database traffic is secured with Database Firewall
11. Example Report
12. Case Study: Large Financial in the UK
13. F5 Networks and Oracle
Deliver application and database security event correlation
Unity security information management
Monitor security more easily
Protect applications and databases from unauthorized access
Driving joint customer engagements
Available now