|
Enterprises are actively migrating applications to web
technologies in order to grow revenues and reduce costs.
Statistics show a dramatic increase in the number of web
application deployments in the past year. Newer packaged
applications such as PeopleSoft and SAP come with built-in
web interfaces and enterprises continue to build custom web
interfaces for legacy applications.
|
|
Web application delivery is dominant, making the distinction
between internal and external communication environments very
challenging. Partners require access to mission critical supply
chain applications and employees require access to applications
from anywhere. DMZ applications overnight have become mission
critical. The distinction between extranet, intranet and the
internet is blurred when all applications are transported over
HTTP.
|
|
In an attempt to securely deploy web applications, organizations
have resorted to complex, expensive and highly distributed
solutions that often slow down the deployment of web applications
without improving their level of security against an ever-increasing
number of threats. For example, when a company wants to extend an
internal web application to employees, partners or customers via
the Web, IT will typically replicate servers, access control
mechanisms and security devices to an extranet or a DMZ. This can be
a time-consuming process and often takes months to complete.
|
|
Companies that rely exclusively on network security technologies,
such as stateful inspection firewalls and intrusion detection
systems (IDS) leave themselves open to application-layer attacks.
The number of threats to web-based applications continues to rise as
hackers increasingly target application vulnerabilities in order to
gain unauthorized access to systems, steal information assets and
disrupt web-based business.
|
|
Organizations need to keep pace with the acceleration of business on
the web without sacrificing security. This includes protection from
threats exploiting application layer vulnerabilities. What is needed
is an integrated web security approach that not only provides the most
stringent defenses, but also improves application efficiency and
simplifies security infrastructure, enabling the rapid deployment of
new applications and services to the Web.
|
|
