Simultaneously protecting applications and data: The next evolution in security?
Lorenc, information security network and application security architect with the IT design and measurement specialist - and a customer of Imperva's - talked about the popular issue of application security and how his company, while outsourcing a number of its IT services, maintains the highest possible levels of security on its network.
Because Agilent carries out a lot of outsourcing of its IT functions, the company has created a highly secure communications infrastructure. Web applications are accessed internally and externally - thus, they needed to secure data from insiders and outsiders. "Because Agilent is so highly outsourced, Web application security is critical-but it is joined at the hip with data," explained Lorenc.
Agilent's strategy, says Lorenc, is to use a three-tier IT security structure, with the firm's external DMZ (demilitarised zone) interfacing securely with its own core IT resources.
Their approach of using application monitoring and security was made very easy because they had created a very advanced environment with a lot of unique places to put in chokeholds, monitor data, block data, do database monitoring. Imperva's web application firewall gives visibility into how users interact with their assets. This information is used to help guide and validate their application security policy.
From a data protection standpoint, discovery was an important phase to understand what assets they have, and what risks are associated with those assets. Imperva found and classified all their valuable assets so they knew what to protect.
The problem is made all the more complex, said Lorenc, by the fact that the company's data is effectively residing in as many as 10 or 12 locations.
In the three-tier security structure, therefore, the core IT resources are interfaced securely with the DMZ, and then on to 'true' external IP network-connected systems.
This effectively makes the DMZ a secure virtual cloud environment that Agilent has to ensure maximimum possible security, but whilst maintaining effective communications with its partners.
Lorenc describes this approach as very challenging and requiring the use of a discovery model to ensure best security across multiple platforms - including PHP, Ajax, Java and Microsoft .NET.
"Agilent has encountered a unique set of security challenges as a result of its unusual three-tier security architecture, but has fully met this challenge using conventional IT security technologies, bonded together to create a customised solution," said Brian Contos.
"By linking its Web application firewall technology with a disparate range of other security systems, Agilent has created a unique and highly secure hybrid VPN environment that performs smoothly, despite its complexities," he added.
Join Imperva and Agilent for this educational and entertaining podcast here...
For more on Imperva: http://www.imperva.com
About Agilent Technologies
Agilent Technologies Inc. (NYSE: A) is the world's premier measurement company and a technology leader in communications, electronics, life sciences and chemical analysis. The company's 18,000 employees serve customers in more than 110 countries. Agilent had net revenues of $5.8 billion in fiscal 2008. Information about Agilent is available on the Web at www.agilent.com.
Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world's leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.
Press releases you might also be interested in
Weitere Informationen zum Thema "Sicherheit":
Mit Schattenkopien Daten und Backup gegen Ransomware schützen
Um sich vor Ransomware zu schützen, ist nicht nur eine Software notwendig, die solche Angreifer erkennt und bekämpft. Als zusätzlicher Schutz sollte auch alle Variationen der Datensicherung mit einbezogen werden.Weiterlesen