sb-nz logo
Story image

How integrated edge security and WAF can secure application delivery

14 Jan 2020

Article by Kemp principal technical advisor Ben Hodge

As organisations come to rely more and more on web-based applications and a mobile workforce, the importance of secure application publishing backed by a carefully integrated web application firewall (WAF) increases steadily.

A solution that provides edge security, SSO application integration and flexible authentication options is critical for both optimal user experience and information security policy compliance.

Historically, Microsoft applications such as Exchange, Skype for Business, SharePoint and IIS-based web services were deployed with Microsoft’s Forefront Threat Management Gateway (TMG) to meet these requirements and provide a way to securely publish applications in Internet-facing deployments.

But since TMG reached its end of sale and mainstream subscription closed, customers have been evaluating alternative solutions for its replacement.

Ideally, they need a solution that provides edge security, SSO application integration and flexible authentication options, which is critical for optimal user experience and information security policy compliance.

Such a solution should provide a comprehensive set of features in an edge security pack that can enhance a load balancer’s ability to secure public-facing applications and improve user experience.

Preferably the pack should include some of the most common features familiar to TMG users, that are most logical for consolidation with an application-centric load balancer.

Look for a web application firewall (WAF) that combines Layer 7 WAF protection with other application delivery services including intelligent load balancing, intrusion detection, intrusion prevention as well as edge security and authentication.

By integrating the world’s most deployed WAF engine, ModSecurity open-source application firewall, augmented by threat intelligence and research from a trusted information security provider, such a solution will protect against known and evolving vulnerabilities.

With a targeted focus on application-specific exploits missed by traditional firewalling techniques, a carefully combined WAF can play a key role in a defence-in-depth strategy that mitigates risk and optimises application security.

Such a firewall will enable secure, scalable and always-on workload delivery in a single fully integrated, easy to use and deploy load balancing solution.

The benefits of integrating a carefully selected ADC platform include:

  • Simplified deployment and management of application protection services.
  • Operating as either an active or passive setup allows flexible deployment in either a block or log inactive mode; or a log only in passive mode.
  • Daily rule updates maximise protection against evolving threats and latest application vulnerabilities.
  • SQL injection protection guards against exploits that leverage weakness in web application SQL implementations,.
  • Cross-site scripting mitigation prevents injection of untrusted content into user content.
  • Cookie tampering protection prevents sensitive corporate and personal data such as credit card numbers from being accessed.
  • Custom rule support builds deeper levels of protection for applications.
  • Regulation compliance simplification enables compliance with PCI-DSS (payment card industry) security standards.
Link image
Virtual demo: Diagnose network cabling problems with the LinkIQ Cable+Network Tester
If you’re finding it difficult to install access points and cabling, or if you can’t pinpoint an issue with a video camera or end user, the LinkIQ Cable+Network Tester could be exactly what you need. Try a free, fully interactive demo now.More
Story image
Microsoft Exchange breach a wake-up call to ditch the server
"There are owners who still have in-house exchange servers because they are suspicious of the cloud or have concerns about their data sovereignty or don't want to contemplate the capital expenditure. But the warning is clear. Get rid of them."More
Story image
Ransomware and Microsoft Exchange attacks surging 
There are global surges in ransomware attacks alongside increases in cyber attacks targeting Microsoft Exchange Server vulnerabilities, according to Check Point Research.More
Story image
Gartner: Top security and risk management trends for 2021
“CISOs are keen to consolidate the number of security products and vendors they must deal with."More
Story image
WatchGuard names new regional director for A/NZ
Anthony Daniel says, "I look forward to continuing to drive our business strategy, grow our channel and to supporting business growth Australia and New Zealand and the Pacific islands."More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More