
Web Application Firewall (WAF) - ipa.go.jp

Web Application Firewall (WAF) 読本 (IPA, December 2011). Table of contents as extracted; the section titles were lost and only the surviving keywords and page numbers remain:
  Front matter .. 1, 1, 2, 2, 2, 3, 3
  1. WAF .. 4; WAF .. 4; IPA .. 5; WAF .. 7
  2. WAF .. 9; WAF .. 9; WAF / FW / IPS .. 10; WAF .. 12; WAF .. 14
  3. WAF .. 16; WAF .. 16; WAF .. 18; WAF .. 28
  4. WAF .. 30; .. 31; .. 35; .. 46
  5. IPA WAF .. 49; .. 49; .. 51; .. 55; .. 69
  WAF .. 72
  A. ModSecurity .. 73; WebKnight .. 81
  B.

This document can be downloaded from the following URL: 「Web Application Firewall(WAF)読本」 (Web Application Firewall (WAF) Reader) http://www.ipa.go.jp/security/vuln/waf.html


2 90 .. 93 2 Web Application Firewall WAF IPA WAF WAF WAF WAF IPA 5 2 1. WAF IPA WAF 2. WAF WAF WAF 3. WAF WAF WAF 4. WAF WAF 5. IPA WAF IPA WAF ModSecurity WAF IPA 4.

3 WAF WAF A. ModSecurity WebKnight B. WAF 3 WAF WAF 2 2 4. WAF IPA WAF ModSecurity 5. IPA WAF 4 5 WAF WAF A ModSecurity 4 1. WAF IPA WAF WAF WAF WAF IPA 1 2 3 WAF 1 2 3 5 IPA IPA JVN iPedia IPA JPCERT JPCERT/CC JVN iPedia4

4 [Page 4: Figure 1-1, quarterly counts taken from JVN iPedia for January 2009 through December 2010 (12,194 in total), plotted from 2009 1Q to 2010 4Q; the surviving legend labels are OS, IDS and SQL, and a footnote refers to iLogScanner. The plotted bar values are chart residue and are omitted here.]

5 [Page 5: Figure 1-2 and Figure 1-3, with surviving axis labels 1Q 2008 through 4Q 2010, a cumulative series reaching 5,338, a share marked 53%, and category labels HTTP (94), DNS (517), SQL (550) and an unlabelled category (1,753). The remaining plotted values are chart residue and are omitted here.]

6 7 WAF WAF KISA KISA Korea Internet & Security Agency 7 WAF KISA WAF8 2 Trustwave ModSecurity 9 AQTRONIX WebKnight 10 KISA WAF WAF WAF Q&A WAF KISA WAF CASTLE 11 WebShell12 WHISTL 13 14 OWASP OWASP Open Web Application Security Project 15 WAF OWASP Best Practices: Use of Web Application Firewalls 16 OWASP ModSecurity Core Rule Set Project 17 OWASP Best Practices: Use of Web Application Firewalls WAF WAF WAF 2 2008 3 Version OWASP ModSecurity Core Rule Set Project WAF ModSecurity Core Rule Set Core Rule Set 2 Core Rule Set Version 7 8 A.

7 ModSecurity, WebKnight 9 10 11 12 WebShell 13 14 WHISTL KISA 15 16 :OWASP_Best_Practices:_Use_of_Web_Application_Firewalls 17 :OWASP_ModSecurity_Core_Rule_Set_Project 8 WASC WASC Web Application Security Consortium 18 WAFEC Web Application Firewall Evaluation Criteria 19 WASC WAF WAFEC WASC WAF WAF 2 WAFEC 2006 1 16 Version PCI SSC PCI SSC Payment Card Industry Security Standards Council 20 PCI-DSS Payment Card Industry Data Security Standard 21 PCI-DSS PCI-DSS Web WAF 2008 6 30 2008 7

8 PCI-DSS 2004 12 2 18 19 20 21 9 2. WAF WAF WAF Firewall FW Intrusion Prevention System IPS WAF WAF WAF WAF WAF WAF WAF 2-1 WAF 2-1 WAF WAF Web Application Firewall (WAF)

9 10 WAF WAF WAF FW IPS WAF FW WAF IPS WAF FW WAF FW FW IP FW FW FW 2-2 WAF FW SQL 2-2 FW WAF Web Application Firewall (WAF) Firewall (FW) 11 WAF IPS WAF IPS IPS IPS 2-3 IPS 22 WAF IPS WAF 2-4 WAF 2-3 IPS 22 WAF Intrusion Prevention System (IPS)

10 A B C IPS IPS 12 2-4 WAF WAF 2 WAF WAF WAF WAF 2 WAF WAF WAF WAF WAF WAF WAF 3 WAF WAF A B C Web Application Firewall (WAF) WAF WAF 13 WAF WAF WAF WAF WAF WAF 23 WAF WAF WAF WAF WAF WAF WAF WAF WAF WAF WAF WAF WAF 2-5 WAF24 WAF 25 WAF WAF WAF WAF 2-5 WAF