• View Communities
    • Citrix Developer Network
      The place for unfiltered straight talk on Citrix products. Blogs, code downloads, best practices, APIs, and more can all be found here.
    • Citrix Ready Community Verified
      Does it work with Citrix? Application compatibility questions are a thing of the past with the new Citrix Community Verified site.
    • Blogs
      Learn the latest from the Citrix employees who are building application delivery infrastructure technologies.
    • Blogosphere
      The Citrix Blogosphere is a window into the thousands of conversations taking place about Citrix and Application Delivery.
  •  Sign In
The Citrix Blog
Blogs for tag 'waf'

Permalink | Twitter Post to Twitter | Comments (0) | Views (2370) |

23 Sep 2009 06:46 PM EDT
Protect XML applications with the NetScaler Application Firewall (Whitepaper)
[ Tags:  netscaler ,   access-gateway ,   application firewall ,   xml ,   waf ,   application security ,   application delivery controller ,   load balancing ]
posted by vamsi Korrapati

A new whitepaper describing the XML firewall features available in NetScaler version 9.x is available here.
It includes a concise summary of the feature capabilities and the types of applications that the Application firewall can secure. Security is a core component of the Application Delivery Controller (ADC) platform. For a broad overview of the security related features available in the NetScaler, get Citrix NetScaler - A Comprehensive Application Security Solution.

Expand Blog Post
Permalink | Twitter Post to Twitter | Comments (0) | Views (1930) |

17 Sep 2009 07:49 PM EDT
Citrix NetScaler Application Firewall 9.x does Content Switching too!
[ Tags:  netscaler ,   application firewall ,   waf ,   content switching ]
posted by vamsi Korrapati

NetScaler Application Firewall devices are commonly deployed as a cluster of devices behind (hopefully) a NetScaler loadbalancer or Application Delivery Controller (ADC), as we like to call them now. Content Switching or URL based routing decisions are typically done on the load balancer, but some topologies require the flexibility of performing this action from the firewall tier itself. In this case, the firewall is directly connected to the web server tier without a loadbalancer in between.

The NetScaler Application Firewall can do content switching using the AppExpert policy engine based on any incoming request parameters to direct traffic to backend servers. Upgrading to the Platinum edition will make all NetScaler features available in an integrated platform enabling consolidation of server tiers. This feature is available in NetScaler 9.0 Build 69.x onwards as well as the 9.1 release.

Expand Blog Post
Permalink | Twitter Post to Twitter | Comments (0) | Views (10157) |

29 May 2008 01:21 PM EDT
Citrix Web App Firewall Blocks the Nihaorr1 Script
[ Tags:  appexpert ,   apptips ,   citrix ,   firewall ,   injection ,   netscaler ,   nihaorr1 ,   sql ,   tips ,   waf ,   xss ,   js ,   wasc ,   wafec ,   owasp ,   haoliuliang ,   lb ,   llb ,   slb ,   clustering ,   app firewall ,   web firewall ,   sql injection ,   web security ,   web site firewall ,   website firewall ,   web filter ,   content filter ,   application blocking ,   citrix load balancer ,   citrix load balancing ,   link load balancer ,   link load balancing ,   load balancer ,   load balancing ,   server load balancer ,   server load balancing ,   security load balancer ,   security load balancing ,   hardware load balancer ,   hardware load balancing ,   next gen load balancing ,   website load balancer ,   website load balancing ,   application load balancer ,   application load balancing ,   application switch ,   web application controller ,   application controller ,   application delivery ]
posted by Craig Ellrod

Hundreds of Thousands of Web Servers have been getting hacked, including several at the United Nations. The appearance is that the hack exploits a vulnerability in Microsoft IIS because of a Microsoft SQL Specific injection payload, however the attack is capable of infecting any type of web server open to SQL Injection and Cross Site Scriting (XSS) attacks.

Microsoft released some security bulletins (951306, MS08-006) stating vulnerabilities in their IIS web server,  alluding to the vulnerabilities recently brought to light. A script homed at nihaorr1.com based in China was found to be infecting many servers, and spreading quickly. Further research into the problem indicates that non-Microsoft types of servers may also be affected by the attack.

As of May 12, 2008, Google's Index had 1,700,000 infected pages.  The domains currently being injected that contain the malicious Javascript are:

  • nihaorr1.com
  • 2117966.net
  • aspder.com
  • haoliuliang.net
  • nmidahena.com
  • free.hostpinoy.info
  • xprmn4u.info
  • winzipices.cn
  • wowgm1.cn
  • killwow1.cn
  • wowyeye.cn
  • wowgm1.cn
  • winzipices.cn

This vulnerability and others like it can easily be stopped with a Citrix Web Application Firewall using default policies to block SQL injection and Cross Site Scripting. We setup a demo in our lab, to show how easy it is to configure and block this type of threat.

See the mailicious script in action:


Watch how Citrix Web App Firewall blocks the malicious script:


See how easy it is to configure the Citrix Web App Firewall:


Read about the Citrix Application Firewall here.

Buy the Citrix Application Firewall here.

Tap into the power of AppExpert

Expand Blog Post