Enterprise Application Security

A typical enterprise application includes the following architectural elements and processes:
·         User interface services (such as an Active Server Pages user interface)
·         Operating system services (such as registry access and object pooling)
·         Business process services (such as a distributed COM DLL component)
·         Data transmission services (such as HTTP over the Internet)
·         Database access services (such as SQL Server)
·         Access to non-database support files (such as a .prf user preferences file)
Application security means that each of these application services must be available only to qualified users. At the same time, every component, service, and supporting file must be protected from unauthorized viewing, tampering, or modification.
The best way to protect your application’s architectural elements and processes is with the built-in services provided by Windows NT operating system security. Windows NT prevents unauthorized access and tampering by providing user access control, resource and service protection, and audit ability.
You can extend the standard Windows NT security features to include the protection of sensitive data transmissions by using either encryption or digital signatures.
Your application might also rely on BackOffice services such as SQL Server or Internet Information Server. All of these BackOffice services can be uniquely configured to control access and process privileges.
For More Information   Understanding Windows NT Security [http://msdn.microsoft.com/en-us/library/aa266936(VS.60).aspx] , in this chapter, provides links to more information about a number of primary operating system-level security functions to control access. For a discussion about storing and transmitting encrypted data see Using the Microsoft CryptoAPI [http://msdn.microsoft.com/en-us/library/aa266944(VS.60).aspx]. For information on using digital certificates to control access to your application, see Using Certificates [http://msdn.microsoft.com/en-us/library/aa266941(VS.60).aspx].
How vulnerable is your network to email viruses and attacks? You can visit the Email Security Testing Zone at GFI’s web site to find out. Email is truly the “killer app” of the 21st century – businesses and individuals depend on electronic mail for quick, easy, reliable communication. However, your email system is a point of vulnerability that can exploited to invade your system and network. Viruses can destroy data, damage system files that are necessary to run your operating system and applications, and even bring down the entire network through denial of service attacks. If this weren’t enough, these viruses can use your address books to spread themselves further. If you use email, you need to take steps to ensure that you’re protected against viruses, Trojans and other malicious software that can be transmitted via email – without compromising the email features you need to communicate effectively.
Application layer security is security just for the Application layer, Layer 7, of OSI model, such as software patches, updates, etc. Network layer security consists of all seven of the layers of the Network.  
Sourcefire Offers Real-time Adaptive Network Security Tool.
Get the network intelligence, policy compliance, and automation needed to proactively adapt your network to threats and the needs of your business.
You may not have real-time adaptive security today but you should be striving for it. Real-time adaptive security is needed to best protect your network from attacks as they get more and more advanced and as multiple perimeters emerge. Get There with Sourcefire Real-time Adaptive Network Intrusion Prevention (IPS).
Sourcefire can meet your needs today and grow with you with throughput options up to 10 Gbps. So
provides vulnerability-based intrusion prevention built on the foundation of Snort®, the world’s most popular intrusion prevention software. No matter what type of network security you have today, Sourcefire can help you get the real-time adaptive security that you need.
Most providers offer a “one-size-fits-all” IDS or IPS, but Sourcefire is different. The Sourcefire solution is divided into three customer protection phases — IPS, Adaptive IPS, and Enterprise Threat Management (ETM) — with each phase building upon the benefits and features of the previous one, adding capabilities to optimize a company’s network protection. Real-time adaptive security is met with the Sourcefire Adaptive IPS and Enterprise Threat Management (ETM) solutions.
Sourcefire IPS Growth Phases
·     IPS: Based on the award-winning Snort® detection engine, Sourcefire IPS provides best-in-class intrusion defense with extensive analytics, powerful reporting, and unrivaled scalability. Through the use of Sourcefire 3D Sensors with the IPS module and one or more Sourcefire Defense Center™ management consoles, the IPS phase enables you to detect and/or block attacks targeting thousands of vulnerabilities.
·     Adaptive IPS: Adaptive IPS allows you to know what is on your network–in real time, all the time. The network intelligence is derived from Sourcefire RNA® (Real-time Network Awareness) which enables automated threat impact assessment and automated IPS tuning. Adding RNA to your 3D Sensors significantly reduces false positives and false negatives and allows small IT security staffs to effectively monitor large networks.
·     Enterprise Threat Management: ETM is the integration of a variety of network security technologies under one management console. You reduce risks before attacks by knowing when new hosts appear and monitoring for IT policy compliance. By getting the maximum amount of network security information, you can baseline your network to detect internal anomalies and detect compromise to rapidly shield your critical systems. With ETM, you get a level of network knowledge, visibility, and awareness that no other approach can provide.
The Security Administrator needs to know more about what’s on their network and  implement the Sourcefire real-time adaptive network intrusion prevention system (IPS), so that they can significantly reduce false positives and negatives, and have more time to focus their efforts on those security events that matter most. This greatly reduces operating cost and significantly reduces the potential for network downtime. (Source: http://www.sourcefire.com)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s