COLUMN

Finjan, Citrix highlight different gateway approaches

By Eric Ogren 12 Feb 2009 | SearchSecurity.com Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Information technology architects have a choice in how they value security devices. The traditional approach is to treat security as a layered function whose job is to block traffic that might be damaging to the business; the alternative approach is to treat security as an operational capability that allows the business to efficiently connect with customers and suppliers over the Internet. This fundamental mindset trade-off is illustrated in the recent announcements of Finjan's Secure Web Gateway and Citrix's Access Gateway.

• Finjan is marching down the path of a unified Web security device by integrating elements such as antivirus, data leakage protection, URL filtering and unauthorized application protocol blocking. The collection of Web-specific antithreat technologies protects port 80 and 443 usage in ways that firewalls have not been able to effectively demonstrate. For instance, the addition of DLP features for Web traffic allows IT to detect when confidential information flows through the gateway and refresh the user on corporate policies and procedures for responsible Internet activity. Also, providing for the choice of antivirus engines is a nice touch that allows IT to choose the best security product for the job. Clearly, the vision for Finjan is to consolidate Web security features into a single security appliance.

  Application firewalls: Comparative Product Review: Six Web Application Firewalls: No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls.

• Citrix is focused on connecting users with applications by integrating functions including SSL VPN for secure remote communications, user authentication and single sign-on, and active endpoint security assessments. What makes Citrix Access Gateway exciting is its cooperation with the desktop to make a real-time security-based decision to establish full VPN connectivity or to virtualize elements of the application. The business applications are available to a wide range of users with full access control to the servers, and levels of protection against endpoints with dubious security profiles. The Citrix vision is to deliver applications while preserving a strong and secure user experience.

The job of security devices, both firewalls and Web appliances, is to allow the organization to safely conduct business over the Internet. It is not enough to simply provide safe perimeters for the business to hide behind -- the business has to reach out to customers, employees and suppliers over public networks to survive.

Web security gateways: Finjan adds DLP, content caching to Web security gateway: The Web security vendor says its DLP capabilities won't compete with major vendors in the market, but will appeal to enterprises in a tight economy. SaaS startups enter Web security gateway market: Web security vendors Zscaler Inc., Purewire Inc. enter growing Software as a Service (SaaS) space dominated by appliance vendors.

This trend will drive a convergence of security and operational features that will increase application performance, reduce administrative costs, and simplify network architectures. It is not hard to envision these devices becoming dynamic platforms for application sensitive virtual machines that provide the optimal mix of security and operational controls for the organization. For instance, it is not hard to imagine Finjan's Secure Web Gateway virtualizing access when sensitive data is involved, or Citrix' Access Gateway providing DLP features when sensitive data is destined for the endpoint.

IT has the opportunity to decide how it wishes to secure its Internet-oriented infrastructure. In the short term, integrated security appliances can give better value for the administrative dollar and satisfy the sense of urgency in plugging security deficiencies. In the long term, IT is better off satisfying users with superb connectivity features that are architected with strong security built in.

Tags: Web Application and Web 2.0 Threats,  Web Application Security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Application and Web 2.0 Threats Bit.ly boosts malware protection Hackers use Tiger Woods saga to conduct search attacks New Facebook worm propagates using sexy model Web security firm ranks Firefox, Safari browsers as flaw prone Web application vulnerability assessment shows patching progress Layoffs prompt insider threat fears, cybersecurity survey finds Botnet masters turn to Google, social networks to avoid detection Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Kaspersky system analyzes malicious URLs on Twitter for malware Web Application Security Black box and white box testing: Which is best? InZero Systems launches hardware-based security gateway Web application vulnerability assessment shows patching progress Preventing SQL injection attacks: A network admin's perspective Cisco acquires SaaS security vendor ScanSafe Web application firewall use goes beyond compliance, company finds Gumblar Trojan drive-by exploits spike following Adobe update Some Facebook applications lead to Russian attack sites Barracuda acquires Purewire expanding Web security reach An enterprise strategy for Web application security threats

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary content filtering  (SearchSecurity.com) Web filter  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary