Network Application Firewalls: Exploits and Defense

Presented at DEF CON 19 (2011), Unknown date/time (Unknown duration)

In the last few years, a so called whole new generation of firewalls have been released by various vendors, most notably Network Application Firewalling. While this technology has gained a lot of market attention, little is actually known by the general public about how it actually works, what limitations it has, and what you really need to do to ensure that you're not exposing yourself. This presentation will examine/demystify the technology, the implementation, demonstrate some of the technology and implementation specific vulnerabilities, exploits, what it can and can't do for you, and how to defend yourself against potential weaknesses.


  • Brad Woodberg - Security Product Line Engineer, Juniper Networks
    Brad Woodberg: I hail from just outside of Detroit MI, graduating from Michigan State University with a BS in Computer Engineering. Prior to joining Juniper Networks a few years ago, I was a security consulting engineer at a consulting firm in Ann Arbor Michigan for four and a half years, responsible for everything from penetration testing to intrusion investigation, managed services, implementations - whatever our sales guys could sell. At Juniper I'm heavily involved with the product development, and security testing, and all sorts of involvement with our security team. In addition to my work at Juniper, I have also co-authored three technical books, Junos Security, Configuring Netscreen/SSG firewalls, and Configuring Juniper SSL VPN.