Some of our internal teams recently reviewed customer surveys showing that security is a strong point for NetScaler, but that more documentation is needed so that more people know about all of its awesome capabilities. NetScaler AppFirewall was even voted a Gold award winner last year by security gurus, further cementing what we’ve known all along.
As a recap, in addition to the full ADC functionality, NetScaler has many different security features, including Identity and Access Management, Networking Infrastructure Security, and Application Security. For this post, we are going to focus on NetScaler AppFirewall as part of the Application Security module of NetScaler.
NetScaler AppFirewall’s security model is a hybrid model, combining the best of both worlds. The first part is the Positive Security Model, which has upfront protection for common cross-site scripting attacks, SQL injection attacks and various application logic attacks. The second part of the hybrid model is the Negative Security Model, which is all about providing protection against all known threats. This really simplifies customer deployments by making it easy to deploy with signatures for known vulnerabilities. With this hybrid model, NetScaler AppFirewall can protect against all known and unknown threats. Data protections, various advanced protections and PCI compliance reports are also available.
NetScaler AppFirewall can be offered as a standalone appliance or as part of the ADC appliance, where all the different modules are fully integrated with each other. This means that object-level and policy-level sharing simplifies administration, while system-level process sharing ensures high performance by avoiding the need for multi-pass packet processing.
NetScaler AppFirewall is a mature and rock-solid product that has been serving many different industries, including financial, ecommerce, education and healthcare, and has been deployed in both enterprises and telcos for more than a decade.
This Citrix CTX200104 article summarizes some steps to get your feet wet with NetScaler AppFirewall. It includes some good details on profiles, what’s in the basic and advanced protections, and what it means to import more AppFirewall rules from external files. It also covers what you get with signatures, described above as the Negative Security Model. What’s really cool about this article is that it shows the flexible ways you can set up policies, from choosing actions on attacks to setting policy priorities.
Here is a capture of the AppFirewall GUI to give you some visuals while reading through this intro to NetScaler AppFirewall:
Here is also a sample of AppFirewall profiles:
And lastly, here is a sample of policies: