News
Wick Hill Now Shipping A10 Networks’ Web Application Firewall, With ICSA Labs Certification
August 2014 by Marc Jacob
Wick Hill is now shipping A10 Network’s Thunder and AX Series application delivery controllers (ADCs), with web application firewall (WAF) version 2.1 certification from ICSA Labs, an independent division of Verizon which offers vendor-neutral testing and certification.
A10 Thunder and AX Series ADC products are high-performance application delivery controllers that enable customers’ applications to be highly available, accelerated and secure. A10 Thunder ADC advanced security features include WAF, DNS Application Firewall (DAF), Application Access Management (AAM) for authentication, SSL Intercept (SI), and more. The product line is built on A10’s Advanced Core Operating System (ACOS) platform, with the Symmetric Scalable Multi-Core Processing (SSMP) software architecture — delivering high performance and a variety of deployment options for dedicated, hosted, or cloud data centers.
Ian Kilpatrick, chairman of A10 distributor Wick Hill, commented: "We are seeing significant growth around ADCs and these certifications will further cement A10’s leading position in this market."
Brian Monkman, technology programs manager at ICSA Labs, said: "Products that ICSA Labs reviews must endure rigorous testing that’s challenging for many vendors. By achieving WAF certification, A10 Networks demonstrated that its ADC networking solutions successfully met our security testing standards."
The A10 ADC solutions were installed in an ICSA Labs environment designed to mimic and represent a real-world deployment of a web application firewall. ICSA Labs Network Security analysts ran an increasingly sophisticated suite of web attacks, penetration tests, and scans against a set of websites protected by the A10 ADC solutions to verify WAF functionality.
During the simulation, lab analysts also verified that the A10 ADC solutions were not susceptible to commonly known vulnerabilities or exploits. This includes attacks targeting buffer overflow, cross site scripting (XSS), cross site request forgery (CSRF), improper input validation session mismanagement and information leakage.
ICSA Labs, an independent division of Verizon, offers vendor-neutral testing and certification. ICSA Labs tests WAF products against a standard, yet evolving set of criteria composed of both functional and assurance requirements.
The 2.1 version of the ICSA Labs certification criteria accommodates the evolution and different functional requirements of today’s web application firewall market. The goal of ICSA Labs is to significantly increase user and enterprise trust in information security products and solutions.
The certification report for A10 Networks is available at the ICSA Labs website via the following link:
www.icsalabs.com/sites/default/files/A10_AXThunder_WAF_Report_20140529_0.pdf
