1、Improving Web Application Security:The Akamai Approach to WAFAkamai White Paper The Akamai Approach to WAF 2INTRODUCTION 3CHALLENGES WITH DEPLOYING WAFS 3WAF DESIGN PRINCIPLES 4 Accurate Protection 4 Visibility into Attacks 4 Adaptability to Changing Threats 4 Adequate Scale 5 Ease of Management 5KO

2、NA RULE SET 5 Broader and More Flexible Rules 5 Anomaly Scoring Model 5 Weighted Risk Scoring 6 Custom Rules 6CLOSED LOOP TESTING AND UPDATING KRS 6 Automated WAF Testing Framework 6 Testing with Real-world Data 7 Publishing Rule Changes 7 Rule Versioning 8THREAT INTELLIGENCE 8 Cloud Security Intell

3、igence 8 Threat Research and Incident Response 8 Client Reputation 10GLOBALLY DISTRIBUTED CLOUD PLATFORM 10 Global Scale 10 Performance 10MANAGED SECURITY SERVICES 11 Ongoing WAF Management 11 Managed Attack Support 11CONCLUSION 11TABLE OF CONTENTSAkamai White Paper The Akamai Approach to WAF 3Intro

4、ductionMany security professionals consider the web application firewall(WAF)to be among the most complex security technologies on the market today.Sitting in the middle of the HTTP conversation between users and a web application,the WAF inspects HTTP traffic passing through it for any attacks as d

5、efined by a list of rules.The complexity of this task comes inherently with its basic definition,that of:Relying on a pre-defined list of rules to identify malicious HTTP requests,with thousands of potential exploits to guard against.In addition,new attack vectors or additional permutations of exist

6、ing ones are continuously being discovered and exploited.Relying on a pre-defined list of rules to identify malicious HTTP requests interspersed with legitimate HTTP traffic,while the characteristics of legitimate traffic differ on a per-application basis and change over time.Complicating this task,