Blog
“Who would ever want to hack us?”
SCOM MP for F5 BIG-IP
Monitoring for F5

“Who would ever want to hack us?”

Many businesses mistakenly assume that they aren’t sufficiently big or interesting to warrant a cyberattack. In reality, there isn’t a defined target for the global hacking community. They try to hit everyone: from governments to large enterprises to everyday people. For them, hacking is sport, enjoyment, a challenge. We are all at risk for stolen identity, intellectual property, personal information or money. According to the Ponemon Institute, companies worldwide lost, on average, $7.7 million in 2015 due to hacking. These days, businesses are going to great lengths to protect against hackers. For example, BT Group, an international telecommunications company, just announced it is hiring 900 new employees devoted to improving cybersecurity solutions they provide for their broadband, mobile and on-demand customers.

While attacks are becoming increasingly sophisticated, IT vendors are responding with advanced methods of protection. F5 BIG-IP Application Security Manager (ASM) is one of the best in the market; this module protects your applications from the top 10 most common web threats and many others. F5 BIG-IP ASM helps you identify attacks, protect your applications and collect statistics about attacks on your application infrastructure. The ASM module also helps you protect yourself from HTTP/S DoS attacks and mitigate geo-location DoS attacks. The platform comes with comprehensive reporting to help you investigate your configuration operational record and mitigate threats to your application.

Some of the most important reports are:

Security policy configuration

  • Attack types
  • Top requested URLs
  • Top requesting IP addresses
  • Top requesting countries
  • White list IPs configuration
  • Traffic statistics
  • Network statistics
  • Device CPU and memory statistics

At Comtrade Software, we use centralized monitoring to collect critical security information from multiple devices with configured ASM modules, and build a single view of all the relevant information to enable application administrators and developers to learn more about threats to their applications.

If an application comes under attack, our F5 BIG-IP management pack (MP) alerts IT teams, providing details about the specific attack type registered by ASM. IT administrators can use these alerts as triggers to start closely monitoring how the infrastructure handles an attack. In some cases, the impact of the attack on CPU and memory can impact application delivery performance, and cause customer issues. When one or multiple attacks are in progress, it can affect how IT handle support calls.

Our MP allows IT to see how the ASM infrastructure protects applications and provides reporting for IT managers and developers, including details on the top attack types during a selected time period and drill down capabilities to all the key statistics. Using our advanced ASM dashboard, you can easily identify which security policy is applied to which servers, and filter out statistics to show data specific to that server. Once you select the security policy, you can see active attack signatures and the enforcement mode, among other information.

On May 12, Comtrade is co-hosting a webinar with F5 to demonstrate typical attacks on applications, show how ASM protects against these attacks and demonstrate how to use our ASM dashboard to investigate security incidents. We’ll also show the value of monitoring and collecting information in Microsoft System Center Operations Manager (SCOM).

Don’t let your unsuspecting organization be the next victim to hackers – sign up today.