Application Security Manager™ (ASM) is a web application firewall that secures web applications and protects them from vulnerabilities. ASM also helps to ensure compliance with key regulatory mandates, such as HIPAA and PCI DSS. The browser-based user interface provides network device configuration, centralized security policy management, and easy-to-read audit reports.
You can use ASM™ to implement different levels of security to protect Layer 7 applications. You can let ASM automatically develop a security policy based on observed traffic patterns, or you can manually develop a security policy customized for your needs, based on the amount of protection and risk acceptable in your business environment.
ASM creates robust security policies that protect web applications from targeted application layer threats, such as buffer overflows, SQL injection, cross-site scripting, parameter tampering, brute force attacks, cookie poisoning, web scraping, and many others, by allowing only valid application transactions. Using a positive security model, ASM secures applications based on a combination of validated user sessions and user input, as well as a valid application response. ASM also includes built-in security policy templates that can quickly secure common applications.
ASM also protects applications using negative security by means of attack signatures. Attack signatures can detect and thwart attacks such as the latest known worms, SQL injections, cross-site scripting, and attacks that target commonly used databases, applications, and operating systems.
ASM provides multi-faceted DoS attack protection for web applications including proactive bot defense, bot signatures, CAPTCHA challenge, stress-based protection, and behavioral DoS.
All these features work together to identify threats and react to them according to your policy. Application traffic is analyzed by ASM and it can also be load balanced to the web application servers. You can configure ASM so that if malicious activity is detected, ASM can terminate the request, send a customized error page to the client, and prevent the traffic from reaching the back-end systems.
The decision about when to use Application Security Manager™ (ASM) to protect an application can be made on a case-by-case basis by each application and security team.
You can use ASM™ in many ways:
These are just a few of the ways that ASM can be used to secure your web applications.
The core of Application Security Manager™ functionality centers around the security policy, which secures a web application server from malicious traffic, using both positive and negative security features. Positive security features indicate which traffic has a known degree of trust, such as which file types, URLs, parameters, or IP address ranges can access the web server. Negative security features provide the ability to detect and thwart known attack patterns, such as those defined in attack signatures. Security policies can also include protection against DoS attacks, brute force attacks, web scraping, cross-site request forgery, and multiple attacks from an IP address.
When a user sends a request to the web application server, the system examines the request to see if it meets the requirements of the security policy protecting the application. If the request complies with the security policy, the system forwards the request to the web application. If the request does not comply with the security policy, the system generates a violation (or violations), and then either forwards or blocks the request, depending on the enforcement mode of the security policy and the blocking settings on the violation.
The system can similarly check responses from the web server. Responses that comply with the security policy are sent to the client, but those that do not comply cause violations and may also be blocked.
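The request-side decision flow described above can be modeled in a few lines. This is an added illustration, not ASM code or ASM configuration syntax: the `Policy` fields, the mode names `transparent` and `blocking`, the violation names, and the sample policy and requests are all constructed for the sketch.

```python
import re
from dataclasses import dataclass, field, replace
from urllib.parse import urlsplit, parse_qsl

@dataclass
class Policy:  # toy model; field, mode and violation names are this sketch's own
    enforcement_mode: str        # "transparent" (report only) or "blocking"
    allowed_file_types: set      # positive security: known-good file types
    allowed_urls: set            # positive security: known-good URLs
    allowed_params: set          # positive security: known-good parameters
    signatures: dict             # negative security: name -> attack pattern
    block_on: set = field(default_factory=set)  # violations with blocking enabled

def find_violations(policy, url):
    parts = urlsplit(url)
    last_segment = parts.path.rsplit("/", 1)[-1]
    ext = last_segment.rsplit(".", 1)[1].lower() if "." in last_segment else "no_ext"
    violations = []
    if ext not in policy.allowed_file_types:
        violations.append("illegal_file_type")
    if parts.path not in policy.allowed_urls:
        violations.append("illegal_url")
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in policy.allowed_params:
            violations.append("illegal_parameter")
        for sig_name, pattern in policy.signatures.items():
            if pattern.search(value):  # checked on the URL-decoded value
                violations.append("attack_signature:" + sig_name)
    return violations

def decide(policy, url):
    # Violations are always returned; blocking needs both the mode and the flag.
    violations = find_violations(policy, url)
    blocked = policy.enforcement_mode == "blocking" and any(
        v.split(":")[0] in policy.block_on for v in violations)
    return ("block" if blocked else "forward"), violations

# Constructed sample policy and requests.
POLICY = Policy(
    enforcement_mode="blocking",
    allowed_file_types={"php", "no_ext"},
    allowed_urls={"/", "/login.php"},
    allowed_params={"user"},
    signatures={"sqli": re.compile(r"(?i)'\s*or\s*'")},
    block_on={"illegal_url", "attack_signature"},
)
TRANSPARENT = replace(POLICY, enforcement_mode="transparent")

if __name__ == "__main__":
    for u in ("/login.php?user=alice", "/login.php?user=alice&debug=1"):
        print(u, decide(POLICY, u), decide(TRANSPARENT, u))
```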
Application Security Manager™ (ASM) is a web application firewall that protects mission-critical enterprise Web infrastructure against application-layer attacks, and monitors the protected web applications. For example, ASM protects against web application attacks such as:
The system can automatically develop a security policy to protect against security threats, and you can configure additional protections customizing the system response to threats.