Moving Up The Stack
May 1, 2008 12:00 PM, By Sandra Kay Miller
System Manager Kevin Alwood has been with Intuition Systems for seven years and has witnessed how threats and vulnerabilities have migrated from the network's perimeter to the heart of the application. To stem the mounting barrage of attacks aimed at the company's network, three years ago Intuition Systems deployed Imperva's SecureSphere WAF (imperva.com). “All our online payment systems, anything that has to do with financial transactions, are all now monitored by WAF. The rules are set up to block if anything suspicious occurs,” Alwood says.
Equally important as preventing malicious external attacks, WAFs can defend against illicit access to applications and information from within the private network's perimeter. Alwood explains, “Our WAF has definitely made us more aware. We can watch inside the network using our WAF so we know what people are doing on the database, even internally.”
Even something as seemingly innocuous as employees and contractors sneaking a peek at political candidates' passport information or celebrities' medical records is subject to public disclosure.
Although most security measures are reactive, many organizations — including both NIC and Intuition Systems — choose to install WAFs primarily to meet the increasing demands of regulatory compliance.
Intuition Systems' integration was a practical decision. “We were getting our level one PCI-compliance and although it wasn't required, we decided to be proactive and put it in place,” Alwood says.
Due to the amount of customized programming that goes on within both businesses, WAF deployments have also greatly aided in code analysis for security flaws and internal monitoring.
“The WAF has helped tremendously around education and application defect assessment, meaning it can help protect our applications, but also gives intelligence to developers as to what is wrong with their code,” Sherry explains. “We're able to match code review to technology and really ferret out some of the defects we may have, which is part of the natural software development cycle.”
Another advantage Sherry lists is the narrowing of the gap between administrators and developers. “We're allowing our key application developers to log into the WAF and see how their applications are performing. With traditional firewalls, you have system administrators on one side of the house and developers on the other who don't have a clue as to what is happening with their applications since the network is not their niche.” What the WAF has done for NIC is make sense of the application traffic for the development team. “Getting that level of intelligence down to the developers has been huge,” Sherry says.
Although the network has provided a tremendous amount of enterprise productivity and connectivity for businesses, much of that innovation has turned out to be a security nightmare for IT professionals. With the explosive growth of Web 2.0, users continue to push the envelope by leveraging new Internet technologies within the corporate network and business model. Blogging, social networking, peer-to-peer file sharing and IP telephony have all been emergent online technologies that have run the cycle from gaining traction as personal and recreational applications to becoming full-blown business tools. Network administrators can no longer get away with block-all rules on their traditional firewalls.
Instead, security is turning to holistic and proactive elements to monitor and defend networks in real-time across all layers of the network. “Ultimately, what I'm looking for is: Where can we introduce technology to get the biggest bang for our buck?” Sherry surmises.
© 2015 Penton Media Inc.