Welcome!

News Feed Item

A10 Networks' Web Application Firewall Achieves ICSA Labs Certification

Thunder and AX WAFs Pass Rigorous Testing

SAN JOSE, CA -- (Marketwired) -- 07/02/14 -- A10 Networks (NYSE: ATEN), a technology leader in application networking, today announced that the A10 Thunder and AX Series application delivery controller (ADC) product lines, after thorough testing and evaluation, have received web application firewall (WAF) version 2.1 certification from ICSA Labs, an independent division of Verizon which offers vendor-neutral testing and certification.

A10 Thunder and AX Series ADC products are high-performance application delivery controllers that enable customers' applications to be highly available, accelerated and secure. A10 Thunder ADC advanced security features include WAF, DNS Application Firewall (DAF), Application Access Management (AAM) for authentication, SSL Intercept (SI), and more. The product line is built on A10's Advanced Core Operating System (ACOS) platform, with the Symmetric Scalable Multi-Core Processing (SSMP) software architecture -- delivering high performance and a variety of deployment options for dedicated, hosted, or cloud data centers.

"Network security risks are constantly changing, and it's crucial that vendors constantly keep up with that fast rate of change," said Jason Matlof, vice president of worldwide marketing at A10 Networks. "A10 Networks is committed to regularly undergo independent third-party testing and certification with leading laboratories like ICSA Labs to verify that we're maintaining the high standards that our customers expect and that we're developing our security posture to stay ahead of rapidly evolving risks. Security managers, application developers, and others deploying web-based applications can be confident our solutions met all of the criteria elements necessary to achieve this ICSA Labs WAF Certification."

ICSA Labs testing and certification provides security professionals and application developers who deploy web-based applications with the confidence that the A10 ADC solutions perform as intended to secure those vital application services from exploitation and attack.

"Products that ICSA Labs reviews must endure rigorous testing that's challenging for many vendors," said Brian Monkman, technology programs manager at ICSA Labs. "By achieving WAF certification, A10 Networks demonstrated that its ADC networking solutions successfully met our security testing standards."

The A10 ADC solutions were installed in an ICSA Labs environment designed to mimic and represent a real-world deployment of a web application firewall. ICSA Labs Network Security analysts ran an increasingly sophisticated suite of web attacks, penetration tests, and scans against a set of websites protected by the A10 ADC solutions to verify WAF functionality.

During the simulation, lab analysts also verified that the A10 ADC solutions were not susceptible to commonly known vulnerabilities or exploits. This includes attacks targeting buffer overflow, cross site scripting (XSS), cross site request forgery (CSRF), improper input validation session mismanagement and information leakage.

ICSA Labs, an independent division of Verizon, offers vendor-neutral testing and certification. ICSA Labs tests WAF products against a standard, yet evolving set of criteria composed of both functional and assurance requirements.

The 2.1 version of the ICSA Labs certification criteria accommodates the evolution and different functional requirements of today's web application firewall market. The goal of ICSA Labs is to significantly increase user and enterprise trust in information security products and solutions.

The certification report for A10 Networks is available at the ICSA Labs website via the following link:
https://www.icsalabs.com/sites/default/files/A10_AXThunder_WAF_Report_20140529_0.pdf

About A10 Networks
A10 Networks (NYSE: ATEN) is a leader in application networking, providing a range of high-performance application networking solutions that accelerate and secure data center applications and networks of thousands of the largest enterprise, service provider and hyperscale web providers around the world. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide. For more information, visit: http://www.a10networks.com

About ICSA Labs
ICSA Labs, an independent division of Verizon, offers third-party testing and certification of security and health IT products, as well as network-connected devices, to measure product compliance, reliability and performance for many of the world's top security vendors. ICSA Labs is an ISO/IEC 17025:2005 accredited and ISO 9001:2008 registered organization. Visit https://www.ICSAlabs.com and https://www.ICSAlabs.com/blogs for more information.

A10 Networks, A10 Thunder, vThunder, ACOS, aCloud, aFleX, aXAPI, aVCS, Virtual Chassis, AX, SoftAX, and aFlow are trademarks or registered trademarks of A10 Networks, Inc. in the United States and other countries. All other trademarks are property of their respective owners.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
In his keynote at @ThingsExpo, Chris Matthieu, Director of IoT Engineering at Citrix and co-founder and CTO of Octoblu, focused on building an IoT platform and company. He provided a behind-the-scenes look at Octoblu’s platform, business, and pivots along the way (including the Citrix acquisition of Octoblu).
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY, and the 21st International Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive ad...
"We are an all-flash array storage provider but our focus has been on VM-aware storage specifically for virtualized applications," stated Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Choosing the right cloud for your workloads is a balancing act that can cost your organization time, money and aggravation - unless you get it right the first time. Economics, speed, performance, accessibility, administrative needs and security all play a vital role in dictating your approach to the cloud. Without knowing the right questions to ask, you could wind up paying for capacity you'll never need or underestimating the resources required to run your applications.
Web Real-Time Communication APIs have quickly revolutionized what browsers are capable of. In addition to video and audio streams, we can now bi-directionally send arbitrary data over WebRTC's PeerConnection Data Channels. With the advent of Progressive Web Apps and new hardware APIs such as WebBluetooh and WebUSB, we can finally enable users to stitch together the Internet of Things directly from their browsers while communicating privately and securely in a decentralized way.
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
With the proliferation of both SQL and NoSQL databases, organizations can now target specific fit-for-purpose database tools for their different application needs regarding scalability, ease of use, ACID support, etc. Platform as a Service offerings make this even easier now, enabling developers to roll out their own database infrastructure in minutes with minimal management overhead. However, this same amount of flexibility also comes with the challenges of picking the right tool, on the right ...
With all the incredible momentum behind the Internet of Things (IoT) industry, it is easy to forget that not a single CEO wakes up and wonders if “my IoT is broken.” What they wonder is if they are making the right decisions to do all they can to increase revenue, decrease costs, and improve customer experience – effectively the same challenges they have always had in growing their business. The exciting thing about the IoT industry is now these decisions can be better, faster, and smarter. Now ...
"Splunk basically takes machine data and we make it usable, valuable and accessible for everyone. The way that plays in DevOps is - we need to make data-driven decisions to delivering applications," explained Andi Mann, Chief Technology Advocate at Splunk and @DevOpsSummit Conference Chair, in this SYS-CON.tv interview at @DevOpsSummit at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.