Deploying Application Firewall

Deploying Application Firewall

Abstract

Information security should be a priority for businesses, especially when they are increasingly involved in electronic commerce (e-commerce).

With the understanding that securing an operating system successfully requires taking a systematic and comprehensive approach, security practitioners have recommended a layered approach called defense-in-depth.

This paper commences by examining network security, operating systems security, application security and data security, focusing on application firewalls. The aim of this paper is to educate readers on the importance of defense in depth principle in information security.

The author concludes by describing the role of application firewall in defense in depth and cited the Institute for Computing Applications (IAC) of the Italian National Research Council (CNR) as an example of an organization which engaged application firewalls in resolving its network security problem

Research Analysis

The development of Information security is of paramount importance to organizations that have online presence. The primary goals of information security are confidentiality, integrity and availability. In order to achieve these goals, organizations need to adopt a multi-layered security defense strategy named defense in depth. A defense-in-depth approach to security suggests an organization shouldn't rely on a single device to protect its system as the source of attack is growing every day.

A multi layered defense strategy must be balanced with a comprehensive analytical and reporting capabilities which interpret and present the information that's gathered by such system. In deploying defense-in-depth strategies for protecting their information asset, organizations should start at the network perimeter and move from there to the operating system and applications and the data which is the final layer.

Network Security

The network is the first layer of protection for...