I spoke with James Spooner of Secerno and Bill Beverley of F5 Networks about their solution, which is based around the F5 BIG-IP ASM and Secerno DataWall products. Essentially they are working together to provide a more joined up security solution. While much has happened to deliver more integration between the lower network levels and applications, no-one has really tackled the problem of integrating application and database security – at least not in the web application space.

This is where F5 Networks and Secerno have jointly focussed their effort. By using customized rules on the F5 box, DataWall can be notified of anomalies at the web traffic layer. This gives Secerno’s product user-level visibility (down to the session level) of what is happening in web applications. In theory this approach should increase the ability to protect back-end databases, and reduce the number of false positives. 

The F5 BIG-IP provides more than half a dozen attributes that can be used to correlate web transactions to database transactions, enabling very granular blocking of attempts to exploit SQL security vulnerabilities (see here). Suspicious activity can be reported up to SIM/SEM security management products and used for security forensics.

It is an interesting development, with lots of potential for expanded functionality. Using web-based applications is an attractive way of sharing information outside of the organization, either via Web 2.0 style APIs, or web portals. They can be quick to develop, and provide efficiency and competitive advantage. The downside is that such applications often require access into databases with sensitive information. The F5 and Secerno solution is a worthy attempt to deliver high levels of security, but still enable business flexibility – making both companies’ solutions more attractive.

Related Posts

• Identity Management
• F5 Networks – A Case of Applications and the Network
• When Blurred e-mail Goes From Bad to Worse