CIA

Confidentiality, Integrity and Availability are critical factors to address when building, operating, or sustaining any information system. To achieve CIA requires many different processes and can be significantly enhanced using common application delivery controller (ADC) functionality.

How do you ensure users of your information services always get the best possible performance? How do you ensure your application services and data are protected from users of your services? How do you protect your application infrastructure from hostile attacks?

There are many areas from proper information systems design to physical security to personnel security that go into solving these problems.

This note is to inform on how an ADC can be used to enhance the overall CIA of your application environment.

To ensure users consistently get the best services possible, ADCs act as the traffic cop directing users to the best performing instances of an applications. ADCs constantly monitor applications and do not send users to application instances that are impaired. The ability to direct users to the best application instance works both within a single data center as well as across a constellation of data centers. In addition to directing users to best application instances, ADCs also accelerate the application using a combination of proxy, caching, compression, TCP multiplexing and http2 gateway services.

To ensure applications are protected from insider threats (authorized users), ADCs act as reverse proxies and eliminate the need for users to directly connect to application servers. Users connect to the ADC and the ADC proxies that request to the back end server. If the user cannot directly touch the application server, then the only attack vector is within the allowed and proxied data flows to the application server. ADCs also include application specific firewalls that monitor these allowed data flows for improper behavior (application level attacks) and mitigate these attacks before they reach the application server.

To ensure application infrastructures (servers, storage, networks) are protected from network based attacks, ADCs act as network level firewalls. No traffic is allowed thru an ADC unless it is specifically allowed enabling a Deny-All, Permit-by-Exception network level security policy. Attempts to scan the back end application infrastructure are effectively blocked, with only the allowed application IP address and associated port being allowed thru the ADC. Even then, this allowed traffic is inspected and protected by the application specific firewall built into the ADC.

The ability to vastly improve both the end user application experience and the security of the associated application infrastructure is what makes ADCs such a desirable component in all application environments.

KEMP is the value leader in ADC technologies. Exceptional security, ease of use, support, and affordability make KEMP a serious threat to existing legacy ADC vendors. Come and see us at https://kemptechnologies.com for more information.