F5 Advanced WAF Playbook 2018 - Softchoice

F5 Advanced WAF Playbook 2018
April 2018

Sections: Overview; Business Drivers; Capabilities & Use Cases; Qualifying & Discovery; Competition; Pricing and Packaging; Sales Resources

Overview
Subsections: What is Advanced WAF; Market Opportunity; Why Sell Advanced WAF; Why Customers Buy

Protect against bots, credential attacks, and app-layer DoS
[Diagram labels: Anti-bot Mobile SDK, F5 Advanced WAF, Users, Credentials, Mobile, Hacker, Bots; capabilities: Bot Mitigation, Credential Protection, App-Layer DoS]

[Chart: Total Market, 2018 to 2021; data labels 840, 941, 1,025, 1,100]
High growth market fueled by proliferation of apps, APIs, and business digital transformation

2017 Verizon Data Breach Investigations Report
- Web App Attacks: 29%
- Cyber-Espionage: 15%
- Privilege Misuse: 14%
- Miscellaneous Errors: 11%
- Point of Sale: 11%
- Everything Else: 9%
- Payment Card Skimmers: 5%
- Physical Theft and Loss: 4%
- Crimeware: 2%
- Denial of Service: 1%

“Web Application Attacks remains the most prevalent”
“Use of stolen credentials against web applications was the dominant hacking tactic”

- Protecting apps is a hard problem to cost-efficiently solve
- Apps continue to be the #1 source of data breaches
- WAF deployment is leading practice: your customer is going to buy one
- Addresses a C-Level risk management concern

Web Application Firewalls are the fastest and most cost-effective way to address application vulnerabilities in production
[Diagram labels: SENSITIVE DATA, CLOUD, APIs, APPS]
- Half of applications remain vulnerable
- Transformation creates operational challenges
- APIs are being exploited and abused

Business Drivers
Subsections: Addresses Top Threat; App Protections; Advanced Protections

Web app attacks are the #1 single point of entry in successful data breaches
- Web App Attacks: 53%
- User / Identity: 33%
- Physical: 11%
- Other (VPN, PoS, infra.): 3%

WAF Technology
[Diagram labels: Fix vulnerabilities, Stop web attacks, Risk & compliance]
- WAFs don’t require access to source code or developers
- WAFs provide coverage for OWASP Top 10
- WAFs fix vulnerabilities promptly without maintenance windows
- WAFs can be an alternative to code review

Traditional WAF:
- OWASP Top 10
- SSL/TLS Inspection
- Scripting

Advanced WAF:
- OWASP Top 10
- SSL/TLS Inspection
- Scripting
- Malicious Bots
- Credential Attacks
- API Attacks

Capabilities & Use Cases
Subsections: Differentiation; Bot Mitigation; Credential Protection; Application DoS; API Security; OWASP Top 10

F5 is uniquely positioned
Application Protection
Advanced WAF:
- Mitigate bots for web and mobile apps
- Prevent credential theft and abuse
- Defend against application DoS

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from F5 Networks. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Malicious Bots
[Diagram labels: Anti-Bot Mobile SDK, F5 Advanced WAF, Web, Proactive Bot Defense, Mobile, Hacker, Bots]
- Automated attacks are increasing in frequency and sophistication
- 77% of web attacks are from bots
- Mobile apps are a growing target

Advanced WAF mitigates bots for web and mobile apps:
- Proactive Bot Defense blocks web bots automatically
- F5 Anti-Bot Mobile SDK only allows trusted mobile users

Credential Attacks
- Hackers target credentials and sensitive data
- 3 billion credentials reported stolen in 2016
[Diagram caption: The victim is infected with malware]

Advanced WAF prevents credential theft and abuse:
- DataSafe encrypts and obfuscates sensitive data
- Brute Force Mitigation prevents credential stuffing

Application Denial of Service (DoS)
- Application layer DoS evades static security solutions
- Application layer DoS has increased by 43%

Advanced WAF defends against application DoS:
- Automated baseline and stress monitoring
- Behavioral analytics and machine learning

API Security
- Modern application architectures leverage Application Programming Interfaces (APIs)
- Unprotected APIs are being exploited

Advanced WAF protects APIs:
- REST API, JSON, SOAP, AJAX, XML, WSDL parsing
- Brute Force mitigation, attack signatures, L7 DoS

OWASP Top 10
A broad consensus on the most critical web application security flaws

Advanced WAF protects from the OWASP Top 10:
- Mitigations for all well known persistent attacks
- Beyond OWASP: bots, credential theft, application DoS

Qualifying & Discovery
Subsections: Qualifiers; Key Stakeholders; Discussion Questions; Objection Handling

Qualifiers

New application initiatives
- Net new application deployments with budget
- Moving existing apps to cloud environments
- Business digital transformation projects
- Building new application APIs

Compelling events
- Data breach
- Out of compliance / fines
- Failed audit

Has competitive product
- Using Imperva, Barracuda, or other basic WAF

Disqualifiers

Few or limited applications
- No apps or apps are not a part of the business model
- Low risk exposure for applications
- No application APIs

No compelling event or initiative
- No pain
- No budget AND no pain

Check back in 3-6 months, things may have changed

Key Stakeholders

Stakeholder, with the Yes/No value shown beside each:
- CIO/CISO (or representative): Focus on business capacity and asset control. Yes
- LOB/App Owner: Focus on speed to market/implementation. Yes
- IT Ops/Director (Ops): Focus on availability, uptime, and resource allocation. No
- Compliance Officer: Focus on privacy and regulatory compliance. No
- Director Risk Management: Focus on implementation & awareness of risk management. No
- Enterprise / Security Architect: Focus on infrastructure, costs, and best practices. No

Top Concerns
- Keeping pace with business: Become an enabler of business and not the bottleneck
- Reducing business risk: Identification and implementation of risk mitigating controls
- Business success: Leverage IT tools for business objectives, not deeply concerned with details of deployment, just want to get it done. Don’t want to know the sausage ingredients, just want the finished product
- Happy users / Operational success: Application availability, business as usual
- Developing process: Implement technology and practices compliant with best practices
- Consulting lines of business: Provide education and training for risk management policy
- Identify Risk Gaps: In business process and projects, escalate and work to resolution
- Improving decision making: Technology strategy for enterprise operations
- Keeping up to date: Regulatory & compliance laws: PCI-DSS, data protection
- Leading adoption: The identification, analysis, evaluation, and life-cycle management of security technologies

Discussion Questions

Question to ask: How many web/mobile business apps do you host?
Follow-up: Do you have the SecOps capacity to manage all of your application security policies?

Question to ask: What are you doing to protect apps from attacks?
Follow-up: What is the business impact of an app outage or breach? What about an app data breach?

Question to ask: How do you create and manage app security policies?
Follow-up: Are they efficient? How do you know?

Question to ask: How do you safeguard sensitive user data in use by your applications?
Follow-up: What is the business impact of an app data breach? If you could encrypt this data without impact to the app or client, would you do it?

Question to ask: What percentage of your app traffic is from bots? Do you have a solution in place to block malicious bot traffic?
Follow-up: Would blocking bot traffic make your apps more efficient? Reduce costs? How do you stop bot based fraud?

Objection Handling

Objection: I already have a WAF, why should I care about F5 Advanced WAF?
Response: Our customers have found that the Advanced WAF helps optimize efficiency and operational costs by using behavioral analytics to automatically generate and deploy optimal security policies. The added advanced features for bot mitigation, credential protection, and data encryption have also been compelling drivers for our customers.

Objection: I’ll just use the AWS WAF
Response: I understand, basic WAFs are easy to use. However, these only provide simple protections. With AWS you pay per rule and request. If you want to keep it simple, consider F5 managed rules for AWS WAF or our managed service, Silverline. These provide simplicity and offer advanced protections created by F5 pros.

Competition
Subsections: Market Advantages; Key F5 Advantages; Imperva

Key F5 Advantages
[Graphic labels: Bot Protection, Account Takeover, Application DoS]

Bot Protection beyond signatures and reputation
- Web and mobile application protection
- Client fingerprinting
- Server performance monitoring

Account Takeover that stops credential theft and abuse
- Application Layer Encryption
- Obfuscation and evasion detection
- Comprehensive Brute Force mitigation including credential stuffing

Application DoS that adapts to changing apps
- Real-time application baselines
- Behavioral Denial of Service with machine learning
- Dynamic signatures with low false positives

Imperva
- Imperva lacks capabilities to defend against web and mobile bots, protect from data compromise, and mitigate application layer DoS.
- Imperva lacks bot protection for mobile apps, has no ability to protect from credential compromise, has limited ability to protect against client-side evasions, lacks server monitoring of mitigation effectiveness, lacks behavioral analysis or dynamic signature creation.
- There is serious performance degradation for SSL/TLS decryption for Perfect Forward Secrecy (PFS), content re-writing, and authentication.
- Imperva has a high TCO due to reliance on multiple subscriptions and requirements for Gateway and Management (MX) servers.
- There is no integration between SecureSphere and Incapsula (e.g. dynamic signaling), and Incapsula has a limited Security Operations Center (SOC) and customers become reliant on self-managed policies.

Pricing and Packaging
Subsections: Solution Components; Platforms; Upgrades and Migration; Sample Orders

Solution Components
[Diagram labels: Base ADC; L7 DDoS; Standard WAF (ASM); API Sec*; Anti-Bot A.Bot M; DataSafe; Behavioral DoS Unlimited Upstream Signaling*; Credential Stuffing DB* (S); Threat Campaign* (S); C. Device ID* (S)]
[Legend: (S) - Subscription; ( ) - Add On; (*) - Coming soon; (I) - Advanced WAF]
[Callouts: ANTI-BOT MOBILE SDK; PROACTIVE BOT DEFENSE; APP-LAYER ENCRYPTION; BEHAVIORAL DDOS]

Platforms
SKUs and figures as they appear in the transcription: 5-BIG-AWF-i4800, F5-BIG-AWF-i2800, 32,995, 154,495
- Virtual Editions (VEs): All F5 VEs
- Cloud Platforms (Cal Q2): AWS, Azure, Google
- Managed Services: F5 Silverline

Upgrades and Migration

Customer Type: What to Sell. Available Add-ons (At Launch)
- New Customer: Advanced WAF. Add-ons: Anti-bot mobile SDK, DataSafe, IP Intelligence
- ASM stand-alone: Upgrade to Advanced WAF. Add-ons: Anti-bot mobile SDK, DataSafe, IP Intelligence
- GBB (Best): Upgrade to Advanced WAF. Add-ons: Anti-bot mobile SDK, DataSafe, IP Intelligence
- LTM: LTM Add-on for Advanced WAF. Add-ons: Anti-bot mobile SDK, DataSafe, IP Intelligence

Sample Orders

F5-BIG-AWF-I5800
- BIG-IP i5800 Advanced Web Application Firewall (48 GB Memory, SSD, Max SSL, Max Compression, vCMP)
- BIG-IP Anti-Bot Mobile SDK Add-on License for i5X00 Advanced Web Application Firewall
- BIG-IP IP Intelligence License for 5250v/5050s/i5X00 (3-Year Subscription)
- Installation BIG-IP Advanced Web Application Firewall (per pair, standard hours)
- BIG-IP Essentials Training (4 days)

F5-BIG-AWF-I10800
- BIG-IP i10800 Advanced Web Application Firewall (128 GB Memory, SSD, Max SSL, Max Compression, vCMP, Dual AC Power Supplies)
- BIG-IP Anti-Bot Mobile SDK Add-on License for i10X00 Advanced Web Application Firewall
- BIG-IP IP Intelligence License for 102XXv/10X5Xs/72XXv/705Xs/i7X00 (3-Year Subscription)
- Installation BIG-IP Advanced Web Application Firewall (per pair, standard hours)
- BIG-IP Essentials Training (4 days)

F5-VPR-AWF-C4480-AC
- VIPRION 4480 Advanced Web Application Firewall Chassis (4 x Slots, 4 x AC Power Supplies)
- VIPRION 4450 Advanced Web Application Firewall Blade NEBS (256 GB Memory, 6 x QSFP Ports, 2 x QSFP28 Ports, NEBS Level 3 Certified)
- VIPRION Anti-Bot Mobile SDK License for 4800 Chassis
- VIPRION IP Intelligence License for 4800 Chassis (3 Year Subscription)
- Installation BIG-IP Advanced Web Application Firewall (per pair, standard hours)
- BIG-IP Essentials Training (4 days)

Sales Resources
Subsections: Sales Motions; Incentives; Key Resources

Incentives: WAF Rebate Program

Offer details:
Sell any standalone, add-on ASM or WAF SKU (including Silverline) above 10k list price to earn a rebate. To qualify, it must be a Partner Initiated Opportunity (PIO) and meet the minimum list price target:

F5 List Price: Rebate
- 10k - 50k: 1000 USD
- 50k - 100k: 2500 USD
- 100k: 4500 USD

Program Details:
- PIO opportunities must be created and closed between October 1, 2017 and September 30, 2018
- All qualified PIOs that include a qualifying WAF SKU above 10k will be eligible for rebate
- Maximum payout per opportunity is 20k USD
- List price is defined as the SKU price on F5’s price list

Additional Kickers:
- 2x rebate when displacing an eligible Imperva product
- Additional 1000 for all ASM upgrade to Adv. WAF SKUs sold

- Proof of Imperva displacement is required to earn kicker
- All qualifying PIO deals must be closed and booked at 100% in F5 systems on or before September 30, 2018
- Rebates will be paid at the end of every quarter for deals that closed in the previous quarter
- This rebate is stackable with other current F5 partner rebates and incentives; check Partner Central for additional information

Key Resources
- Customer Deck
- Quick Reference Guide (QRG)
- Advanced WAF FAQ
- F5 Security Product Line Card
- Email Template
- Advanced WAF
- DataSafe
- Anti-bot SDK
- WAF Assessment Service
- IP Intelligence Service
- App Protect Library
- Gartner WAF Magic Quadrant
- OWASP Top 10 Webinar
- Case Studies
- F5 Labs
