Download - Webapp Firewall
-
8/13/2019 Webapp Firewall
1/2
AT&T Web ApplicationFirewall
SM
Service
Todays organizations rely on Web applicationsand Web 2.0 technologies to support keybusiness processes and improve performance.
As a result, Web application technology hasbecome pervasive in the modern IT environment,enabling interaction with consumers, partners,employees and other parties.
However, Web applications have also becomea prime vector of attack for hackers andcybercriminals. To attack Web applications,hackers take advantage of attack vectors thatbypass traditional network and host-basedsecurity technologies. Because of this, it isessential for organizations to have application-layer security measures in place that protectWeb applications as well as the underlying
servers and databases that support them.
Regulators have also recognized the riskthat insecure Web applications pose. Manycompliance mandates including Payment CardIndustry (PCI), Federal Financial InstitutionsExamination Councils (FFIEC), North AmericanElectric Reliability Corporation (NERC), Critical
Infrastructure Protection (CIP), and FederalInformation Security Management Act of 2002(FISMA). NERC CIP, and others now require
organizations to better secure their Webapplications and protect them from attack.
Service OverviewAT&T Web Application Firewall service is afully managed security service that combinesWeb Application Firewall technology withexpert management and 24x7x365 securitymonitoring to help protect Web applicationsand their underlying systems. It is offeredon a subscription, per device basis to helpsafeguard Web applications and sensitive data.Architecturally, Web Application Firewall islocated in front of the Web application servers
as a transparent Layer 2 bridge. Depending onwhere the Web servers reside, the service canbe deployed and provided at your premises orin any hosting environment.
With the Web Application Firewall, AT&Tprovides the highest degree of protectionpossible without interrupting legitimate traffic
Benefits
Helps protect Web applications
Aids in better securing
sensitive data
No management overhead
24x7x365 real-time security
vigilance
Better prevention of attacks
Faster detection and response
to threats
Reduces costs associated
with securing Web apps and
underlying systems
More cost effective than code
audit alone
Provides visibility into Web
application layer traffic
Reduces risk to critical
applications and business
processes
Satisfies PCI requirement 6.6
Features
Inspection of all inbound and
outbound Web application
traffic including encrypted traffic
Blocking of inappropriate or
malicious application traffic
Real-time, 24x7x365 security
event monitoring
Ongoing performance and
availability management
Initial and ongoing tuning and
configuration management
Maintenance, backup and
recovery
Comprehensive security and
compliance reporting
Product Brief
AT&T Web Application FIrewallSMService
-
8/13/2019 Webapp Firewall
2/2
to Web applications. During implementationof the service, experts from AT&T performextensive analysis of your Web applicationtraffic and tightly configure Web ApplicationFirewall policies accordingly. Once the serviceis turned up, we continuously review theperformance and fine tune the appliances
to deliver optimum protection against Webapplication threats including SQL injection,cross-site scripting, session hijacking andWeb 2.0 attacks.
Seamless Web Application FirewallImplementationDeploying a Web Application Firewall is notrivial task. As with any in-line appliance,organizations must take care to properlyimplement the service so that they do notaffect legitimate business traffic and ITinfrastructure while protecting these sameresources from malicious traffic. For
organizations with frequent changes towebsites and applications, the workload touse Web Application Firewall effectively canbe significant.
As part of the service, AT&T will architect,design and deploy a solution that addressesyour security and compliance needs andintegrates seamlessly into your environment.
Utilizing a mature provisioning anddeployment process, our experts can installthe Web Application Firewall service easilyand at your convenience.
Optimum Performance and ProtectionBecause of the dynamic nature of todays
web applications, to help protect themrequires strong security features and webapplication knowledge as well as the timeto analyze traffic and test policies and rules.Without ongoing tuning, Web ApplicationFirewalls can block legitimate applicationtraffic (a.k.a. false positives) and pass trafficcontaining attacks (a.k.a. false negatives).
However, with AT&T Web Application Firewallservice, we help ensure the technologyprovides protection without interruptinglegitimate business traffic to your applications.During implementation of our service, experts
from AT&T perform an analysis of yourapplication traffic and tightly configure WebApplication Firewall policies and rules. Oncethe service is turned up, we continuouslyreview the performance and fine tune theappliances to deliver optimum protectionagainst application threats including SQLinjection, cross-site scripting, sessionhijacking and Web 2.0 attacks.
Real-Time Event Management and ResponsUsing highly scalable event correlation andanalysis technology, our certified expertsmonitor, assess and respond to Webapplication threats real-time. Our advancedtechnology platform correlates events acrosall managed or monitored devices in your
environment, providing our certified expertswith the context they need to virtuallyeliminate false positives and respond to truthreats against your organization.
When an incident is detected, our expertsimmediately assess the threat and beginworking with your staff to mitigate the attacand protect your assets. Our experts providefull support, serving as an extension of yourteam to safeguard IT systems and data.
On-Demand Security andCompliance Reporting
With AT&T Web Application Filtering serviceyou will have full access to reports via a webased client portal. The portal provides youwith real-time security and service deliveryvisibility. Using the portal, you can easilydemonstrate the effectiveness of the WebApplication Firewall service to managementand auditors.
For more information contact your AT&T Representative visit us at www.att.com/security,email us at [email protected] or call 877-954-7771
Product Brief - AT&T Web Application FirewallSMService ______________________________________________________________________________________
01/31/11 AB-2076
2011 AT&T Intellectual Property. All rights reserved. AT&T and the AT&T logo are trademarks of AT&T Intellectual Property.