(No Ratings Yet)
Loading ...When I last spoke with F5 Networks (F5 Networks - A Case of Applications and the Network) it was clear that they were getting more focussed on the higher application layers. Our discussion touched on Secerno, a specialist database security company based out of the UK. Today the two companies have announced a joint solution which should be of interest to anyone building web-based applications that have a database back-end.
I spoke with James Spooner of Secerno and Bill Beverley of F5 Networks about their solution, which is based around the F5 BIG-IP ASM and Secerno DataWall products. Essentially they are working together to provide a more joined up security solution. While much has happened to deliver more integration between the lower network levels and applications, no-one has really tackled the problem of integrating application and database security - at least not in the web application space.
This is where F5 Networks and Secerno have jointly focussed their effort. By using customized rules on the F5 box, DataWall can be notified of anomalies at the web traffic layer. This gives Secerno’s product user-level visibility (down to the session level) of what is happening in web applications. In theory this approach should increase the ability to protect back-end databases, and reduce the number of false positives.
The F5 BIG-IP provides more than half a dozen attributes that can be used to correlate web transactions to database transactions, enabling very granular blocking of attempts to exploit SQL security vulnerabilities (see here). Suspicious activity can be reported up to SIM/SEM security management products and used for security forensics.
It is an interesting development, with lots of potential for expanded functionality. Using web-based applications is an attractive way of sharing information outside of the organization, either via Web 2.0 style APIs, or web portals. They can be quick to develop, and provide efficiency and competitive advantage. The downside is that such applications often require access into databases with sensitive information. The F5 and Secerno solution is a worthy attempt to deliver high levels of security, but still enable business flexibility - making both companies’ solutions more attractive.
Disclaimer: I work for Imperva, which is a competing vendor to the companies mentioned in this entry.
However, I would like to correct this statement:
“While much has happened to deliver more integration between the lower network levels and applications, no-one has really tackled the problem of integrating application and database security - at least not in the web application space.”
Imperva’s first commercial release of SecureSphere in 2002
(We were called “WebCohort back then…the link is here http://www.imperva.com/news/press/2002-oct-30.html) actually did just that. Since then, we’ve come a long way in improving on the functionality and we have hundreds of customers using SecureSphere to protect the full stack, including both the application and the database. Our product line has won awards both for Web Application Firewall and Database Security.