News
A10 Networks’ Web Application Firewall Achieves ICSA Labs Certification
July 2014 by Marc Jacob
A10 Networks announced that the A10 Thunder and AX Series application delivery controller (ADC) product lines, after thorough testing and evaluation, have received web application firewall (WAF) version 2.1 certification from ICSA Labs, an independent division of Verizon which offers vendor-neutral testing and certification.
A10 Thunder and AX Series ADC products are high-performance application delivery controllers that enable customers’ applications to be highly available, accelerated and secure. A10 Thunder ADC advanced security features include WAF, DNS Application Firewall (DAF), Application Access Management (AAM) for authentication, SSL Intercept (SI), and more. The product line is built on A10’s Advanced Core Operating System (ACOS) platform, with the Symmetric Scalable Multi-Core Processing (SSMP) software architecture—delivering high performance and a variety of deployment options for dedicated, hosted, or cloud data centers.
ICSA Labs testing and certification provides security professionals and application developers who deploy web-based applications with the confidence that the A10 ADC solutions perform as intended to secure those vital application services from exploitation and attack.
The A10 ADC solutions were installed in an ICSA Labs environment designed to mimic and represent a real-world deployment of a web application firewall. ICSA Labs Network Security analysts ran an increasingly sophisticated suite of web attacks, penetration tests, and scans against a set of websites protected by the A10 ADC solutions to verify WAF functionality.
During the simulation, lab analysts also verified that the A10 ADC solutions were not susceptible to commonly known vulnerabilities or exploits. This includes attacks targeting buffer overflow, cross site scripting (XSS), cross site request forgery (CSRF), improper input validation session mismanagement and information leakage.
ICSA Labs, an independent division of Verizon, offers vendor-neutral testing and certification. ICSA Labs tests WAF products against a standard, yet evolving set of criteria composed of both functional and assurance requirements.
The 2.1 version of the ICSA Labs certification criteria accommodates the evolution and different functional requirements of today’s web application firewall market. The goal of ICSA Labs is to significantly increase user and enterprise trust in information security products and solutions.
The certification report for A10 Networks is available at the ICSA Labs
