Cisco ACE-WAF-GAT-LICFX Datasheet download pdf

Data Sheet

Cisco ACE Web Application Firewall

Product Overview

The Cisco

ACE Web Application Firewall (Figure 1) is the newest component of the Cisco

Application Control Engine (ACE) family of products.

Many organizations are looking to increase efficiency and profitability through the implementation

of new Web-based applications, Web 2.0 and SOA solutions. These new Web-based services

provide greater flexibility and interactivity to customers, employees, and partners. At the same

time, criminals have seized on exploiting these new, and often poorly secured services for such

things as financial fraud, identity and data theft, denial of service attacks, and the spread of

malware and remote-controlled agent software.

According to privacyrights.org, nearly a quarter of a billion records have been breached since 2005

in the US alone. In response, new and emerging regulatory requirements, like Sarbanes-Oxley,

Graham-Leach-Bliley, HIPAA, PCI, Basel II, EU Data Privacy Regulation, J-SOX, and PIPEDA, in

virtually every country and region in the world, place a special emphasis on protecting the access

to, transmission of, and storage of sensitive information, such as the personal and financial

information of customers and employees.

Of special interest is the protection of consumer financial and personal information. In response to

increased identity theft incidents and security breaches, major credit card companies have

collaborated to create the Payment Card Industry (PCI) Data Security Standard (DSS), which is a

series of requirements to streamline and standardize how companies store and access credit card

information.

The Cisco ACE Web Application Firewall helps organizations that store, process, and transmit

credit card data to comply with the PCI DSS requirements. Because of its unique blend of HTML

and XML security, the Cisco ACE Web Application Firewall provides a full compliance solution for

the PCI DSS version 1.1’s requirements in sections 6.5 and 6.6.

Section 6.6 in particular mandates that any organization handling, processing, or storing credit

card information must install a Web application firewall by June 30, 2008 to protect applications

against the OWASP Top 10 attacks (

http://www.owasp.org/index.php/Top_10_2007.)

The Cisco ACE Web Application Firewall provides full compliance with the latest PCI requirements

by combining deep Web application analysis with high-performance XML inspection and

management to truly address the full range of threats associated with all new Web application

services. It secures and protects Web applications from common attacks, such as identity theft,

data theft, application disruption, fraud and targeted attacks. These attacks may include cross-site

scripting (XSS) attacks, SQL and command injection, privilege escalation, cross-site request

forgeries (CSRF), buffer overflows, cookie tampering, and Denial of Service (DoS) attacks.

The Cisco ACE Web Application Firewall’s integrated Extensible Markup Language (XML) firewall

capabilities extend protection for traditional HTML-based Web applications to modern XML-

enabled Web services applications. The security for XML data includes XML threat mitigation such

1 2 3 4 5 6

Summary of Contents

Page 1 - Product Overview

Page 2 - Features and Benefits

Page 3 - Product Specifications

Page 4 - Data Sheet

Page 5 - Cisco Service and Support

Page 6 - For More Information

Comments to this Manuals

No comments

Cisco ACE-WAF-GAT-LICFX Datasheet

Browse online or download Datasheet for Software licenses/upgrades Cisco ACE-WAF-GAT-LICFX. Cisco ACE-WAF-GAT-LICFX User Manual

Summary of Contents

Comments to this Manuals

Related products and manuals for Software licenses/upgrades Cisco ACE-WAF-GAT-LICFX