Data Sheet
© 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 6
Cisco ACE Web Application Firewall
Product Overview
The Cisco
®
ACE Web Application Firewall (Figure 1) is the newest component of the Cisco
Application Control Engine (ACE) family of products.
Many organizations are looking to increase efficiency and profitability through the implementation
of new Web-based applications, Web 2.0 and SOA solutions. These new Web-based services
provide greater flexibility and interactivity to customers, employees, and partners. At the same
time, criminals have seized on exploiting these new, and often poorly secured services for such
things as financial fraud, identity and data theft, denial of service attacks, and the spread of
malware and remote-controlled agent software.
According to privacyrights.org, nearly a quarter of a billion records have been breached since 2005
in the US alone. In response, new and emerging regulatory requirements, like Sarbanes-Oxley,
Graham-Leach-Bliley, HIPAA, PCI, Basel II, EU Data Privacy Regulation, J-SOX, and PIPEDA, in
virtually every country and region in the world, place a special emphasis on protecting the access
to, transmission of, and storage of sensitive information, such as the personal and financial
information of customers and employees.
Of special interest is the protection of consumer financial and personal information. In response to
increased identity theft incidents and security breaches, major credit card companies have
collaborated to create the Payment Card Industry (PCI) Data Security Standard (DSS), which is a
series of requirements to streamline and standardize how companies store and access credit card
information.
The Cisco ACE Web Application Firewall helps organizations that store, process, and transmit
credit card data to comply with the PCI DSS requirements. Because of its unique blend of HTML
and XML security, the Cisco ACE Web Application Firewall provides a full compliance solution for
the PCI DSS version 1.1’s requirements in sections 6.5 and 6.6.
Section 6.6 in particular mandates that any organization handling, processing, or storing credit
card information must install a Web application firewall by June 30, 2008 to protect applications
against the OWASP Top 10 attacks (
http://www.owasp.org/index.php/Top_10_2007.)
The Cisco ACE Web Application Firewall provides full compliance with the latest PCI requirements
by combining deep Web application analysis with high-performance XML inspection and
management to truly address the full range of threats associated with all new Web application
services. It secures and protects Web applications from common attacks, such as identity theft,
data theft, application disruption, fraud and targeted attacks. These attacks may include cross-site
scripting (XSS) attacks, SQL and command injection, privilege escalation, cross-site request
forgeries (CSRF), buffer overflows, cookie tampering, and Denial of Service (DoS) attacks.
The Cisco ACE Web Application Firewall’s integrated Extensible Markup Language (XML) firewall
capabilities extend protection for traditional HTML-based Web applications to modern XML-
enabled Web services applications. The security for XML data includes XML threat mitigation such
下载后可阅读完整内容,剩余5页未读,立即下载
陈慧几乎
- 粉丝: 0
- 资源: 4
我的内容管理
展开
最新资源
- JDK 17 Linux版本压缩包解压与安装指南
- C++/Qt飞行模拟器教员控制台系统源码发布
- TensorFlow深度学习实践:CNN在MNIST数据集上的应用
- 鸿蒙驱动HCIA资料整理-培训教材与开发者指南
- 凯撒Java版SaaS OA协同办公软件v2.0特性解析
- AutoCAD二次开发中文指南下载 - C#编程深入解析
- C语言冒泡排序算法实现详解
- Pointofix截屏:轻松实现高效截图体验
- Matlab实现SVM数据分类与预测教程
- 基于JSP+SQL的网站流量统计管理系统设计与实现
- C语言实现删除字符中重复项的方法与技巧
- e-sqlcipher.dll动态链接库的作用与应用
- 浙江工业大学自考网站开发与继续教育官网模板设计
- STM32 103C8T6 OLED 显示程序实现指南
- 高效压缩技术:删除重复字符压缩包
- JSP+SQL智能交通管理系统:违章处理与交通效率提升
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
