cl-au logo
Story image

How integrated edge security and WAF can secure application delivery

14 Jan 2020

Article by Kemp principal technical advisor Ben Hodge

As organisations come to rely more and more on web-based applications and a mobile workforce, the importance of secure application publishing backed by a carefully integrated web application firewall (WAF) increases steadily.

A solution that provides edge security, SSO application integration and flexible authentication options is critical for both optimal user experience and information security policy compliance.

Historically, Microsoft applications such as Exchange, Skype for Business, SharePoint and IIS-based web services were deployed with Microsoft’s Forefront Threat Management Gateway (TMG) to meet these requirements and provide a way to securely publish applications in Internet-facing deployments.

But since TMG reached its end of sale and mainstream subscription closed, customers have been evaluating alternative solutions for its replacement.

Ideally, they need a solution that provides edge security, SSO application integration and flexible authentication options, which is critical for optimal user experience and information security policy compliance.

Such a solution should provide a comprehensive set of features in an edge security pack that can enhance a load balancer’s ability to secure public-facing applications and improve user experience.

Preferably the pack should include some of the most common features familiar to TMG users, that are most logical for consolidation with an application-centric load balancer.

Look for a web application firewall (WAF) that combines Layer 7 WAF protection with other application delivery services including intelligent load balancing, intrusion detection, intrusion prevention as well as edge security and authentication.

By integrating the world’s most deployed WAF engine, ModSecurity open-source application firewall, augmented by threat intelligence and research from a trusted information security provider, such a solution will protect against known and evolving vulnerabilities.

With a targeted focus on application-specific exploits missed by traditional firewalling techniques, a carefully combined WAF can play a key role in a defence-in-depth strategy that mitigates risk and optimises application security.

Such a firewall will enable secure, scalable and always-on workload delivery in a single fully integrated, easy to use and deploy load balancing solution.

The benefits of integrating a carefully selected ADC platform include:

  • Simplified deployment and management of application protection services.
  • Operating as either an active or passive setup allows flexible deployment in either a block or log inactive mode; or a log only in passive mode.
  • Daily rule updates maximise protection against evolving threats and latest application vulnerabilities.
  • SQL injection protection guards against exploits that leverage weakness in web application SQL implementations,.
  • Cross-site scripting mitigation prevents injection of untrusted content into user content.
  • Cookie tampering protection prevents sensitive corporate and personal data such as credit card numbers from being accessed.
  • Custom rule support builds deeper levels of protection for applications.
  • Regulation compliance simplification enables compliance with PCI-DSS (payment card industry) security standards.
Story image
NEXTDC brings new data centre to Western Australia's Perth
“It’s an exciting time for Perth, as we gear up to take a quantum leap forward in the attraction of Western Australia as a region to invest and do business. We are excited to pull back the curtain to P2, and provide a platform for local businesses to take their unique value to the world.”More
Link image
Email threats remain prominent months into pandemic
With the surge in remote working, new cybersecurity risks have thrived, and productivity challenges abound. Having a top-notch solution can save many a security headache.More
Story image
Technology key to success for Aussie businesses following COVID-19
Technologies set to have the biggest impact are 5G (37%), cloud technology (36%) and digital transformation (31%) were predicted to have the biggest positive, direct impact on future growth in the respondents’ industries over the next 12 to 18 months.More
Story image
Fortinet holds position as fastest-growing SD-WAN vendor
According to a new Omida report, the company has seen a 247% revenue growth year-on-year. Plus, Fortinet announces Fortigate 80F.More
Story image
COVID-19 hits smartphone market hard, with all but Apple sales down
As a whole, in Q2 2020 the global smartphone market dropped 14%. The market fell to 285 million units, a second consecutive quarter of freefall, as lockdown orders caused by the COVID-19 pandemic persisted through April and May. More
Story image
Ping Identity makes changes to partner program to better serve businesses of today
“Expanding and deepening our collective efforts with our global strategic alliance and channel partners allows us to continue to innovate and bring comprehensive IAM solutions to the enterprise.”More