DUBAI, United Arab Emirates – 3rd July, 2014 – A10 Networks (NYSE: ATEN), a technology leader in application networking, today announced that the A10 Thunder and AX Series application delivery controller (ADC) product lines, after thorough testing and evaluation, have received web application firewall (WAF) version 2.1 certification from ICSA Labs, an independent division of Verizon which offers vendor-neutral testing and certification.
A10 Thunder and AX Series ADC products are high-performance application delivery controllers that enable customers’ applications to be highly available, accelerated and secure. A10 Thunder ADC advanced security features include WAF, DNS Application Firewall (DAF), Application Access Management (AAM) for authentication, SSL Intercept (SI), and more. The product line is built on A10’s Advanced Core Operating System (ACOS) platform, with the Symmetric Scalable Multi-Core Processing (SSMP) software architecture—delivering high performance and a variety of deployment options for dedicated, hosted, or cloud data centers.
“Network security risks are constantly changing, and it’s crucial that vendors constantly keep up with that fast rate of change,” said Jason Matlof, vice president of worldwide marketing at A10 Networks. “A10 Networks is committed to regularly undergo independent third-party testing and certification with leading laboratories like ICSA Labs to verify that we’re maintaining the high standards that our customers expect and that we’re developing our security posture to stay ahead of rapidly evolving risks. Security managers, application developers, and others deploying web-based applications can be confident our solutions met all of the criteria elements necessary to achieve this ICSA Labs WAF Certification.”
ICSA Labs testing and certification provides security professionals and application developers who deploy web-based applications with the confidence that the A10 ADC solutions perform as intended to secure those vital application services from exploitation and attack.
“Products that ICSA Labs reviews must endure rigorous testing that’s challenging for many vendors,” said Brian Monkman, technology programs manager at ICSA Labs. “By achieving WAF certification, A10 Networks demonstrated that its ADC networking solutions successfully met our security testing standards.”
The A10 ADC solutions were installed in an ICSA Labs environment designed to mimic and represent a real-world deployment of a web application firewall. ICSA Labs Network Security analysts ran an increasingly sophisticated suite of web attacks, penetration tests, and scans against a set of websites protected by the A10 ADC solutions to verify WAF functionality.
During the simulation, lab analysts also verified that the A10 ADC solutions were not susceptible to commonly known vulnerabilities or exploits. This includes attacks targeting buffer overflow, cross site scripting (XSS), cross site request forgery (CSRF), improper input validation session mismanagement and information leakage.
ICSA Labs, an independent division of Verizon, offers vendor-neutral testing and certification. ICSA Labs tests WAF products against a standard, yet evolving set of criteria composed of both functional and assurance requirements.
The 2.1 version of the ICSA Labs certification criteria accommodates the evolution and different functional requirements of today’s web application firewall market. The goal of ICSA Labs is to significantly increase user and enterprise trust in information security products and solutions.
The certification report for A10 Networks is available at the ICSA Labs website via the following link:
https://www.icsalabs.com/sites/default/files/A10_AXThunder_WAF_Report_20140529_0.pdf
