Great question! For upper-layer attacks like ones that take advantage of OWASP security risks, the payload will need to be decrypted to detect the attack. For example, injection attacks or cross-site scripting attacks won't be detected unless they are decrypted...because they are technically legitimate HTTP requests that won't look problematic unless you see the actual payload. For other types of attacks (like a volumetric DDoS attack), you will be able to see the attack even if you can't decrypt the traffic. For example, if you see a massive amount of traffic flooding your site, then you will know a DDoS attack has been launched even if you can't see the payload of each packet. I hope this helps!
The ASM is a Web Application Firewall (WAF). F5 also has a newer, more advanced WAF...the F5 Advanced WAF. ASM and Advanced WAF are not the same, but the Advanced WAF is built on the same foundation as the ASM, and it has more powerful features than the ASM. It's like the ASM with many upgrades. :)
what sort of incompatibility issues you anticipate? from what I know, the WAF "modifies" the page being served and sensitive form fields are being encrypted.. all with the magic of javascript and F5's understanding of DOM..
Dont waste your time if you're trying to understand what're the features of the WAF, the presenter just blabbers on about other products the majority of the time.
Thanks John, great presentation.
We appreciate the note! Glad you enjoyed the video.
Do we need buy Threat compaign subscription as an additional add on when we purchase Advance WAF or it is already included
The Threat Campaign is typically an additional subscription, but you should check with your sales rep to see what options might exist for you.
Hey John, great videos with easy explanation and that is helping me to learn a lot - thanks so much!
Thanks for the comment! He does a great job!
very nicely explained
Can OWASP attacks are possible to detect
without looking at the encrypted data/payload?
Great question! For upper-layer attacks like ones that take advantage of OWASP security risks, the payload will need to be decrypted to detect the attack. For example, injection attacks or cross-site scripting attacks won't be detected unless they are decrypted...because they are technically legitimate HTTP requests that won't look problematic unless you see the actual payload. For other types of attacks (like a volumetric DDoS attack), you will be able to see the attack even if you can't decrypt the traffic. For example, if you see a massive amount of traffic flooding your site, then you will know a DDoS attack has been launched even if you can't see the payload of each packet. I hope this helps!
how do you write backwards like that
ruclips.net/video/U7E_L4wCPTc/видео.html
@@danielschuler4557 thanks sir, now I can sleep peacefully.
real question
Waf and ASM or same ???
The ASM is a Web Application Firewall (WAF). F5 also has a newer, more advanced WAF...the F5 Advanced WAF. ASM and Advanced WAF are not the same, but the Advanced WAF is built on the same foundation as the ASM, and it has more powerful features than the ASM. It's like the ASM with many upgrades. :)
Awesome lecture, it has been so informative. Thanks a lot!
Glad you enjoyed it!
Nice Explanation
Appreciate the comment!!
Its a great video
Glad you liked it and thanks for the comment!
so the achilles heel is the "established" trust? datasafe sounds like it can have many incompatibility issues....
The good thing is that you can try it, and also you can deploy only in some parameters that is cool to deploy
what sort of incompatibility issues you anticipate? from what I know, the WAF "modifies" the page being served and sensitive form fields are being encrypted.. all with the magic of javascript and F5's understanding of DOM..
Xxx
Dont waste your time if you're trying to understand what're the features of the WAF, the presenter just blabbers on about other products the majority of the time.