Application-centric security

It’s a rare business that would claim it doesn’t take security seriously.

But it’s also a fact that security defences, and the way many organisations approach security, aren’t keeping up with the way businesses have evolved.

Consider first the importance of applications to businesses. Whether bought off the shelf, or developed in house; whether for employees or customer-facing, corporate apps have become absolutely vital to how organisations interact with their end users. We want to access data and services quickly from a device and location which suits us, adding to the complex security challenges required to ensure data remains safe during transactions.

Combine this with the existing security layers in many businesses, which have traditionally been like a conga chain of disparate elements from different vendors – a set up that’s not really geared up to deal with increasingly complex internet threats, particularly those targeted specifically at applications.

It’s therefore crucial to align security with the specific applications that organisations rely on, and manage this on a unified platform. Although point products may solve specific network requirements today, a piecemeal approach to networking increases overall costs, introduces complexity, and imposes unnecessary limitations on scale and capacity, whereas a unified platform requires minimal management from the IT team, while alleviating the complexity associated with mapping application infrastructure to static constructs such as traditional firewall zones.

Aside from the management, how can businesses put up a defensive wall to stop attacks before they even access their data? It’s here that our full proxy comes into its own. Monitoring incoming traffic is the first line of defence in protecting a business against cyberattacks. Being able to assess where traffic is coming from, the device being used and even whether the request is from a human or not can all work as key assets in protecting against attack.

Let’s consider an example using our announcements made in January. If a DDoS attack hits one of our customers, we are able to assist on two fronts. Firstly, the full proxy ensures that requests are filtered before they enter the datacentre, stopping access to those communications which do not appear to be from a genuine customer – such as recognising that a repeat request is being made by a computer source, rather than an actual person at a keyboard. The increased throughput enabled by the F5 firewall also allows a greater number of requests per second, ensuring that systems are less likely to crash under the weight of the repeated requests associated with DDoS attacks. Essentially, a full proxy firewall can avert significant downtime and data loss at a business.

So, my message is simple - centre your security around the applications housing the data you’re protecting. Ensuring this is managed by one security platform using full proxy means this is one part of the puzzle which you won’t have to worry about.

Published Feb 19, 2013
Version 1.0

Was this article helpful?

No CommentsBe the first to comment