Information Security magazine's 2008 Product Review Guide (PDF)

56 pages, 2008, 1.11 MB, English

PRODUCT REVIEWS 2008 GUIDE
TESTING & ANALYSIS TO HELP YOU MAKE PURCHASING DECISIONS

Information Security magazine's 2008 Product Review Guide is a compilation of the single and comparative reviews published in 2008, an indispensable guide for information security managers tasked with evaluating and purchasing security hardware and software in 2009.

CONTENTS

APPLICATION SECURITY
2 Application Security, Inc.
3 Applicure Technologies
4 Cenzic
5 V.i. Labs
6 Klocwork
Comparative Review
7 Application Firewalls

AUTHENTICATION
15 Secure Computing

CONFIGURATION MANAGEMENT
16 Configuresoft

DATA LOSS PREVENTION
17 Workshare

DATA PROTECTION
18 Application Security, Inc.
19 Deepdive Technologies
20 Imperva
21 Sentrigo
22 Varonis

ENDPOINT SECURITY
23 Promisec
24 Sophos
25 Trend Micro
26 Webroot

FIREWALL
27 AlgoSec
28 Netgear
29 Palo Alto Networks
30 SonicWALL
31 Tufin Technologies

IDENTITY MANAGEMENT
32 Symark

INCIDENT RESPONSE
33 Mandiant
34 Vantos

IT COMPLIANCE
35 Shavlik Technologies
Comparative Review
36 IT GRC Products

LOG MANAGEMENT
44 LogRhythm

MOBILE SECURITY
45 Credant Technologies
46 GoldKey
47 GuardianEdge Technologies

SECURITY INFORMATION/EVENT MANAGEMENT (SIEM)
48 Novell
49 RSA

SECURITY TESTING
50 BreakingPoint Systems
51 Mu Security

VIRTUALIZATION SECURITY
52 Altor Networks

VPN
53 Array Networks

WEB SECURITY GATEWAY
54 Cymphonix
55 Finjan

WIRELESS SECURITY
56 AirDefense

INFORMATION SECURITY 1


PRODUCT REVIEWS: VULNERABILITY MANAGEMENT (Hot Pick)

AppDetectivePro
REVIEWED BY MIKE CHAPPLE

Application Security, Inc.
www.appsecinc.com
Price: $900 per database instance annual subscription fee

AppDetectivePro fills a critical niche that goes beyond conventional vulnerability scanners, performing "deep dive" inspections of database configuration to identify security issues. It's ideal for internal and external auditors, security professionals, consultants and others who need to perform on-the-fly database vulnerability assessments.

Policy Control: B

AppDetectivePro supports Microsoft SQL Server, Oracle, IBM DB2, Sybase and MySQL. The subscription fee includes a comprehensive collection of predefined security checks for each platform. The checks are updated only monthly, which could mean a significant lag between discovery of a serious flaw and the ability to detect it. Users may augment the built-in policies with custom checks written in SQL.

Configuration/Management: A

Installation and initial configuration are straightforward. The software uses a standard installation wizard and works best when used with a SQL Server database to store results. AppDetectivePro offers three assessment methodologies: database discovery, penetration testing and auditing.

Database discovery allows you to scan a network for the presence of databases that may then be further assessed. Any AppDetectivePro license includes unlimited discovery scanning. You may purchase additional licenses to perform penetration tests and/or audit scans on any discovered database instances. Scan characteristics are highly customizable, allowing you to specify the ports scanned and testing techniques for live host detection.

The penetration test attempts to gain information about and access to the database without credentials, simulating the access an outsider might be able to gain to your network. It does not actually attempt to exploit any vulnerabilities; it just uses fingerprinting techniques to determine the database version and patch level.

The true value of the product shines through in the database audit functionality. The audit begins by retrieving a large amount of configuration information from the target database (usernames and password hashes, object/privilege listings, details on linked servers, etc.) and stores it locally on the scanning workstation, where AppDetectivePro performs its analysis.

Effectiveness: A

AppDetectivePro identified a number of vulnerabilities in our database configuration. These included obvious, glaring errors that we intentionally introduced, such as blank administrator passwords, missing service packs and unapplied patches. It also identified more subtle configuration issues, such as improper permissions on registry extended stored procedures; the use of local SQL Server authentication (a non-recommended practice); the presence of sample databases; and failure to implement best practices for database activity auditing.

The descriptions provide detailed information on the vulnerabilities, their source, potential solutions and references for additional information.

Reporting: A-

AppDetectivePro includes nine canned reports that provide useful information for various levels of management and technical staff. These include an application inventory, summary reporting, high-level and detailed vulnerability reports and information on user accounts. You can also generate differential trend reports to evaluate the status of scanned databases over time. Output is available in Crystal Reports, HTML, XML and text.

AppDetectivePro stores results in an Access database on the local system, but you may also configure it to use SQL Server.

Verdict

AppDetectivePro is an excellent solution for auditors, security professionals and consultants to capture snapshots of database security status.

Testing methodology: We tested AppDetectivePro in a VMware environment using Windows Server 2003 and SQL Server 2005. For an extended online version of this review, see this month's issue on SearchSecurity.com. Review how we grade at searchsecurity.com/grading_criteria.


PRODUCT REVIEWS: APPLICATION SECURITY

dotDefender
REVIEWED BY SANDRA KAY MILLER

Applicure Technologies
www.applicure.com
Price: Starts at $3,995 per physical server installation

If you're looking for quick and inexpensive Web application security, dotDefender offers protection against common threats through a software plug-in for IIS, Microsoft ISA and Apache servers.

Installation/Configuration: A-

dotDefender installed rapidly and much more easily than hardware-based Web application firewalls (see comparative review, March 2008). Since it's a plug-in, configuration and management for IIS and ISA is handled through the Microsoft Management Console. The Apache version installs as an inline module.

By default, dotDefender deployed in a protective operating mode, leaving us covered against the majority of common attacks we threw at it right out of the box. But take the time to perform extensive testing on protected websites to ferret out any security settings that interfere with functionality.

Although the documentation to quickly get the product running was excellent, we would have liked to see a more in-depth user guide for advanced features.

Policy: A

Tweaking the policies to return our test websites to complete functionality took about an hour per site. Although the default policies and rules were ample to protect against all of our attacks, dotDefender required minor tuning to maintain the usability of the applications on our Web server, such as those that utilized advanced JavaScript or were built with older Web tools.

Policies center on patterns and signatures. Patterns define what dotDefender looks for in terms of exploits, such as buffer overflows, SQL injection, cross-site scripting, cookie manipulation, etc. Each pattern includes two sub-menus: user defined, where custom rules can be created, and best practices, which includes a check box list of standard defenses/mitigations against known exploits.

Signatures are regularly updated by dotDefender and include a blacklist of compromised/hacked servers, anti-proxy protection, worms, bad user agents, spammer crawlers and MPack protection against infected websites. Security profiles with unique policy settings can be assigned to different websites hosted on the same server.

Logging and Reporting: C

Reporting is dotDefender's weakest aspect. There was very little documentation about the reporting features. Logging provided information that would be useful to an IT administrator, but the reports wouldn't be very valuable to a business unit in regard to its PCI compliance or how its security posture is affecting its business. Event reports offered basic statistics for individual websites, event categories and client IP addresses.

The logging capabilities are adequate, but lacked the advanced features we have seen in Web app firewall appliances. Log data can be exported to third-party monitoring and reporting tools.

Effectiveness: B

Using a combination of signatures, session evaluation and pattern recognition, dotDefender examines HTTP requests, either allowing or denying them or, in passive mode, logging only according to policy.

dotDefender effectively protected all our websites from a variety of common ills found online, including Internet and browser worms, malicious websites with automated downloads, external vulnerability scans, cross-site scripting, SQL injection and DoS attacks.

Additionally, we were able to customize how suspect HTTP requests were handled. They could be denied, redirected or only logged. There is the option to return either default or customized error pages for denied requests.

Verdict

dotDefender is an inexpensive and no-frills way to protect HTTP sessions on a Web server.

Testing methodology: We tested dotDefender on Microsoft IIS on Windows Server 2003 hosting a variety of websites.


PRODUCT REVIEWS: WEB APPLICATION SECURITY

Cenzic Hailstorm Enterprise ARC 5.7
REVIEWED BY PHORAM MEHTA

Cenzic
www.cenzic.com
Price: $26,000

Web application security has moved from a nice-to-have to a must-have requirement, for data protection and compliance. Cenzic's Hailstorm, which we last reviewed in 2005, reflects the growth in the depth and maturity of Web application vulnerability assessment software.

Installation: B

Enterprise ARC includes a management server/console; a database for checks, assessments and results; the ARC Execution Engine (AEE); distributed scanners that run scans against the Web application from different parts of the network; and the standalone enterprise desktop scanner.

These components can be installed on one or more machines. The only combination that might be a little tricky is the AEE and desktop software on the same box. In this scenario, you have to stop the AEE service before you can run the desktop client. Use the desktop application for applications needing some manual interaction and constant monitoring during the assessment, and use AEE for assessments that can be completely automated.

The installation wizard is straightforward and walks you through the various options, including setting the network port and passwords for communicating with the database.

Configuration: B+

Hailstorm offers three methods to add applications: users can run an auto-discovery scan on Web application ports, add applications manually, or import a CSV file. You can assign a risk factor, and group applications for better management. Running and scheduling assessments is as simple as it gets.

The desktop application allows custom assessments that are a combination of checks from best practices (OWASP), regulatory standards, and custom attacks created in-house. We selected the OWASP and best practices assessments against a classic ASP/MS SQL and a Joomla (LAMP) Web application, respectively.

Hailstorm offers by far the best attack customization and new attack creation capability in the industry. To offer flexibility, Cenzic has added features such as interactive assessments, where the user navigates through the website manually.

Effectiveness: A

The two areas enterprises spend the most time on when using a vulnerability scanner are the home page/central display and the results/reports. Cenzic has a remarkable interactive dashboard that shows trends and activities. During the review assessments, we were able to watch the findings and graphs update as vulnerabilities were discovered. The details on each finding were available instantly, along with the HTTP request/response, a complete explanation of how the attack was executed and remediation recommendations.

One feature that sets Hailstorm apart is the Hailstorm Application Risk Metric score, which incorporates the risk factor assigned to each application and the severity of the vulnerabilities discovered. This helps you focus remediation efforts and determine which vulnerabilities present the most risk. It also measures if risk is decreasing and if remediation is effective over time.

Reporting: B+

Reporting is by far the most improved module. The reporting engine is a powerful tool to monitor progress, manage compliance and distribute relevant information in a timely manner. The Crystal Reports viewer can export reports in many formats.

Verdict

Enterprise ARC 5.7 is a true enterprise-class solution for managing Web application vulnerabilities.

Testing methodology: We installed the server, database and desktop client on a Windows 2003 Server and used a Windows XP machine as an execution engine, and tested against several Web applications.


PRODUCT REVIEWS: APPLICATION SECURITY

CodeArmor 2.2 for Microsoft .NET
REVIEWED BY STEVEN WEIL

V.i. Labs
www.vilabs.com
Price: Starts at $18,500 for enterprise applications

Crackers use sophisticated debuggers, disassemblers, virtual machines and other reverse engineering tools to undo software protection mechanisms. The result? Your company's products can become part of the multibillion-dollar software piracy industry, your intellectual property could be stolen, or code compromised.

CodeArmor 2.2 for Microsoft .NET can protect an organization's applications without requiring their modification. Using deep encryption techniques, it will frustrate even highly skilled crackers. It provides stronger protection than standard obfuscation techniques or hardware dongles.

Configuration and Management: B+

Installation was fast and easy. CodeArmor runs on Windows XP/2003/Vista and can protect .NET 2 and 3 applications. The software's useful documentation and intuitive interface made it easy to use.

Simply select a .NET executable file, its associated DLLs and specific functions to protect. CodeArmor then encrypts the selected functions (128-bit RC4 or AES) and embeds a security event monitor in the application. The search interface makes it easy to locate and protect specific application functions. CodeArmor does not require modification of source code or creation of additional application files.

Policy Control: B+

Controls are very granular and flexible; you can select specific application functions and then define how those functions will be protected. For example, during beta testing, you may want to protect many of the application's functions. However, after release, you may only want to protect the code that generates the application's license or that initiates encryption.

By default, CodeArmor handles all application exceptions (e.g., an invalid handle or access violation); such exceptions are often caused by cracking attempts. CodeArmor can also be configured to prevent an application from running within a virtual machine (a technique commonly used by crackers) or stop other processes from accessing the application.

Reporting: C

CodeArmor's reporting is somewhat limited. It can produce a very detailed log file when the application is initially protected. However, we would have liked to see more logging of actions taken in response to attacks on protected applications. CodeArmor also does not have out-of-the-box ability to generate alerts or send notifications of attacks. V.i. Labs says that custom extensions can be created for notifications and event logging.

Effectiveness: A

When a protected application is launched, CodeArmor decrypts and then re-encrypts individual functions as soon as they are loaded to minimize the application's exposure to reverse engineering attempts. CodeArmor's security event monitor continually checks the runtime environment to detect any malicious tampering attempts, such as trying to attach a debugger to a protected application. If tampering is detected, the monitor shuts down the application.

We found CodeArmor to be very effective. We were unable to access protected .NET applications with a debugger or disassembler. Protected applications failed to start after we modified their DLL files with a hex editor. It enforced specific security settings, such as preventing an application from running on a virtual machine. Protected applications ran a bit slower; V.i. Labs says that the performance impact is usually about 3 percent.

Verdict

CodeArmor is an effective and easy-to-use tool for protecting applications but has limited reporting.

Testing methodology: We installed CodeArmor on a Windows XP SP2 machine and tested it with a variety of .NET applications.


PRODUCT REVIEWS: SOFTWARE SECURITY

Klocwork Insight 8.0
REVIEWED BY JAMES C. FOSTER

Klocwork
www.klocwork.com
Price: Starts at $25,875 (five user licenses, one build server license)

Klocwork Insight is a source code analysis product that helps automate security vulnerability and quality risk analysis, remediation and measurement. It employs more than 200 different techniques for identifying software flaws for C, C++ and Java.

This kind of tool is increasingly important, as very few people are capable of analyzing and, most importantly, fixing software security flaws.

Installation/Configuration: B-

The installation is difficult for a user of any type, requiring several different modules and server components to be installed or loaded prior to use. Plan to spend time on training. The upside to the initial learning curve is scalability and flexibility for large, hybrid or segregated development environments.

Licensing can be centrally managed across multiple teams and updated in seconds via a quick change of the license file. MySQL is utilized as the backend database and can be configured at will, making it easy to schedule backups, modify the default schema, or integrate Insight into other products such as Microsoft SharePoint or BMC Remedy Service Desk. All aspects of the Web interface and server are configurable, as it runs atop Apache Tomcat.

Klocwork supports most development environments and can be installed on a range of *nix and Windows OSes.

Management/Monitoring: B

Leveraging the Eclipse and Visual Studio native interfaces for developer integration was key to providing true engineering-level value. From the Eclipse interface, we could easily navigate through the source tree from the Windows Explorer-like folder system, and see the associated identified vulnerabilities and issues.

Double-clicking an issue, such as one we found for NULL pointer dereferencing, opens the associated file directly at the line in question. You can modify and save the code in the IDE as usual, or right-click the issue at the bottom to obtain sample "bad code" and documentation on the potential vulnerability.

Post-installation management is still immature, as DOS batch files are used to start and stop the Klocwork servers on local installations. It is also recommended that you manually stop all of the Klocwork components prior to rebooting your machine.

Since Insight is not yet capable of reviewing JavaScript, PHP and ASP, it is not the tool of choice for Web 2.0 applications. (Support for scripting languages will be available in a future release, Klocwork says.)

Reporting: A

We were blown away by Klocwork's reporting capabilities. The Web-based reporting interface, Insight Review, allows users to navigate through findings and recommendations, and drill down into specific components.

You can select one of the current projects your teams set up during configuration—typically, each application, product or tool has a standalone project created in Insight. Once you select a project, the interface changes into a robust report-creation engine, with the ability to flag and group issues by severity, status and state. These reports are dynamic and contain active links or hyperlinks that allow you to gain further detail on specific issues. More than 300 issues were identified in one of the tests we ran, and creating the critical issues report took two minutes from start to finish. These issues were divided into logical code directories based upon the build structure.

All data views and graphical reports can be exported to PDF or CSV files, and detailed issue data broken down by file and line can be conveniently exported to XML.

Verdict

Klocwork's enterprise reporting and analysis techniques will help companies with structured programming ties to C/C++ and Java applications.

Testing methodology: We tested Klocwork on a Windows XP Professional SP2 workstation and on a fully patched Windows 2003 Server against several open source, C/C++ and Java applications utilizing the Eclipse IDE developer plug-in.


PRODUCT REVIEW: CORE OF THE MATTER

No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls that help deliver your critical apps securely.

BY SANDRA KAY MILLER

Consider how much information gets plugged into databases through applications and then regurgitated in queries, reports and content. We live in a world of HTTP and HTTPS, where everything has been ported to Web-based interfaces and consoles. Traditional network firewalls operating lower on the stack have no way of identifying malicious requests traversing TCP ports 80 and 443 to online shopping sites, Web mail or business portals such as online banking and account services.

Add PCI-DSS requirements for application security, and it's easy to see why Web application firewalls, once considered niche technology, are gaining traction in corporate data centers. They prevent attacks that network firewalls, IDS/IPS and antivirus filters cannot by limiting suspect access through combinations of behavioral analysis and policy controls.

In a head-to-head review, Information Security examined six application firewall appliances, all of which delivered centralized management, enterprise reporting and comprehensive protection for applications: Barracuda Networks' Web Application Gateway (formerly NetContinuum); Bee Ware's iSentry; Breach Security's WebDefend; Citrix's Application Firewall; F5 Networks' Big-IP 8800 Application Security Manager; and Imperva's SecureSphere Web Application Firewall.

Each product was graded on ease of installation and configuration; administration; depth of security policy control; monitoring, alerting, auditing and reporting; and overall security effectiveness.

Illustration by JEFF MANGIAT

ABOUT THIS REVIEW: TEST BED

Information Security deployed six application firewall appliances from Barracuda Networks, Bee Ware, Breach Security, Citrix, F5 Networks and Imperva:

Barracuda Networks Web Application Gateway NC1100
Bee Ware iSentry IS200
Breach Security WebDefend
Citrix Application Firewall
F5 Networks Big-IP 8800 Application Security Manager
Imperva SecureSphere Web Application Firewall

Each product was installed in our test lab between a network firewall and in front of or alongside the application servers (see "Inside the Lab," below), which included an Apache Web server and Microsoft Internet Information Server, each hosting a variety of applications including Web mail, an online forum and a Web site with shopping cart capabilities.

Client machines subjected to attack included systems running Microsoft XP SP2 with Internet Explorer and Linux (Debian 3.1) with Mozilla Firefox.

We focused on common attacks against applications including buffer overflows, cookie tampering, SQL injection, session hijacking, cross-site scripting (XSS), cross-site request forgeries (CSRF), forms tampering, remote code execution, malicious code (Internet worms), denial of service, brute force login and forceful browsing. Additionally, we configured application-side security features, such as Web site cloaking, and attempted to gain network and application configuration via nefarious reconnaissance practices such as identifying operating systems and Web server details through HTTP header data and scanning utilities like Nmap.

Breach's WebDefend was deployed in an out-of-line mode next to our Web servers using a span port.

—SANDRA KAY MILLER

INSIDE THE LAB

[Diagram: Internet -> Firewall -> Web Application Firewall -> Web Application Server -> Database]

All application firewall appliances were deployed as reverse proxies (except for Breach Security's, which was attached to a span port) on a network between a traditional stateful inspection firewall and a variety of application servers, including Microsoft IIS and Apache Web servers, Microsoft SQL, e-commerce applications with credit card transaction capability and an online forum. Browsers included Internet Explorer, Firefox, Netscape and Opera.

INSTALLATION AND CONFIGURATION

All the products we tested were 1U or 2U rack-mounted devices built on hardened appliances. Our first step was to gauge the ease with which each product could be installed and configured. Although each appliance supported a variety of deployment configurations (bridge, router, inline, out-of-line), we set up each as a reverse proxy, except Breach Security's WebDefend, which is designed to operate in a non-linear environment.

Imperva and Breach were easiest to set up and configure. Thanks to their intuitive design and wizards, each took approximately an hour to get running.

Using the Site Manager through Breach's console, we could easily verify that the domains, IP addresses and ports were correct. It even identifies the type of server on which the application is hosted (e.g., IIS). Through the logical tree structure, it's easy to locate and add sites.

Imperva required more manual intervention for the configuration of our servers, Web sites, services and applications. It presented a logical tree structure similar to that of Breach, but lacked the useful at-a-glance verification and instead spread the information among four different tabs. Nonetheless, these were minor points and we found it overall to be on a par with Breach in this category.

Bee Ware's initial installation was similar to our other test subjects, and the configuration wizard stepped us through assigning the basics such as host name, date and time, network interfaces and assigning the destination IP address for our target back-end server. The documentation showed some rough translation issues from the original French, but the configuration wizard led us through a fairly straightforward setup.

F5's Application Security Manager (ASM) is a part of its BIG-IP port-based multilayer switch built on F5's proprietary TMOS platform, which is designed for traffic management, acceleration and load balancing. After a fairly painless installation onto our network, the configuration required us to spend the better portion of a day understanding how the ASM module integrated with the other modules, such as the Local Traffic Manager.

While all of this first appeared extremely complex, F5 features a clean and informative interface coupled with outstanding documentation and technical support. The complexity was offset by the rich load balancing and traffic management features necessary for delivering application security in big pipe environments.

Citrix required a lot of manual entry, but offered a clean Windows-based configuration utility. It wasn't as time consuming as Barracuda's Web Firewall's setup or as complex as F5, which required extensive understanding about network traffic management prior to setting up the security features.

Barracuda is somewhat complex and took a long time to set up. Even though we used Barracuda's Web application wizard, an extensive amount of manual security configuration was required to effectively protect our test applications against our attacks. Since Barracuda boasts of its ability to be set up in a production environment without causing disruption, we initially deployed the box in passive mode, producing logs that identified actions that would have been taken if it was in active response mode—for example, blocking traffic from an IP that was performing a brute force login, forceful browsing or bot activity. This allowed us to effectively tune the appliance prior to switching to active mode—a real plus for security managers without the time or resources to first deploy in a mirrored test environment.

AT THE CORE | Installation and Configuration
THE GOOD NEWS: Imperva and Breach are easiest to set up and configure, thanks to their intuitive design and wizards, though Imperva requires a little more manual intervention.
THE BAD NEWS: Barracuda is somewhat complex, and setup is time-consuming, requiring a lot of manual configuration.

ADMINISTRATION

Ongoing maintenance and tuning plays a significant role in the continuing effectiveness of these devices, which cover numerous complex technologies and security issues. And, the pervasiveness of Web-based applications presents management challenges that make delegated administration an important factor.

Imperva offers the most granular administrative rights delegation and greatest ease of assigning rights and permissions. An expandable tree allowed us to instantly view administrative groups under which individuals are listed. Rights and permissions can be set globally, per group or per individual through a comprehensive list of available resources and applications. We could quickly set view/edit privileges. Individuals can be assigned to multiple groups as well, giving them different levels of access.

F5's comprehensive set of administrative tools supports its traffic management and load balancing capabilities, and the application security module. It helps tame the overwhelming task of administration by compartmentalizing objects such as virtual servers, URLs and databases for easier, more flexible delegation.

Similarly, Barracuda groups applications and resources into role-based administration silos to facilitate delegation. Navigation throughout the extensive feature set was relatively easy, despite complexity second only to F5. Roles define the user's permissions for command groups (meaning what type of actions) and are accessible for a particular site, so administrative duties can be delegated in a large or distributed environment.

Bee Ware keeps things simple by breaking down administrative tasks into two basic groups—administrators and webmasters. Administrators have access to global configurations and can create, disable or delete services and policies. Webmasters only have configuration rights to the services and policies for which they have been assigned permission. This provides the autonomy needed for different groups to make changes to their HTTP-based content as well as the overall security and oversight to prevent damage to active content pages.

Citrix's administrative capabilities are basic, but well-managed through a simple and intuitive management GUI. We were able to quickly add users for administrative purposes, but our options were limited to either an application administrator or an application guest, whose account could view, but not modify, configuration settings. We felt this was essentially useless.

Breach breaks out administrative tasks into two groups as well—system administrators with access to everything, and site administrators who only have rights to sites assigned to them. Additionally, Breach includes two view-only accounts—a Super Viewer who can see everything and a Viewer with read-only access to sites to which they are assigned. Assigning sites was effortless, as all active sites are displayed in one window and could be assigned with a mouse click.

AT THE CORE | Administration
THE GOOD NEWS: Imperva offers highly granular features for delegating administration and assigning rights and permissions, with a comprehensive, easy-to-use interface.
THE BAD NEWS: Citrix's interface is intuitive and well-designed, but the options are limited, which may not suit some organizations' requirements.
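The passive-then-active rollout described for Barracuda (log what would have been blocked, tune, then enforce) only pays off if someone reads those logs and separates real attackers from rules that fire on legitimate traffic. The script below is an added example of that triage, not code from any product in this review; the log format, rule names, thresholds and sample lines are all constructed assumptions.

```python
"""Triage a passive-mode WAF log before switching the appliance to active mode.

Assumed (constructed) log format, one event per line:
    <ISO-8601 timestamp> <client IP> <method> <path> <backend status> <rule|->
where <rule> names the rule that WOULD have blocked the request in active
mode, or '-' if the request matched no rule.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one client hammering /login, one client probing for
# paths that do not exist, and several ordinary users tripping one
# over-broad signature on a legitimate page the backend served normally.
SAMPLE_LOG = """\
2008-03-01T10:00:00 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:00:02 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:00:04 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:00:06 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:00:08 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:00:10 203.0.113.5 POST /login 401 brute-force-login
2008-03-01T10:01:00 198.51.100.9 GET /admin/ 404 forceful-browsing
2008-03-01T10:01:01 198.51.100.9 GET /backup/ 404 forceful-browsing
2008-03-01T10:01:02 198.51.100.9 GET /old/ 404 forceful-browsing
2008-03-01T10:01:03 198.51.100.9 GET /test/ 404 forceful-browsing
2008-03-01T10:02:00 192.0.2.10 GET /cart/checkout.js 200 xss-script-tag
2008-03-01T10:02:30 192.0.2.11 GET /cart/checkout.js 200 xss-script-tag
2008-03-01T10:03:00 192.0.2.12 GET /cart/checkout.js 200 xss-script-tag
2008-03-01T10:03:10 192.0.2.13 GET /cart/checkout.js 200 xss-script-tag
2008-03-01T10:04:00 192.0.2.14 GET /index.html 200 -
2008-03-01T10:04:05 192.0.2.10 POST /login 200 -
"""


def parse_line(line):
    ts, ip, method, path, status, rule = line.split()
    return {"ts": datetime.fromisoformat(ts), "ip": ip, "method": method,
            "path": path, "status": int(status),
            "rule": None if rule == "-" else rule}


def parse_log(text):
    return [parse_line(l) for l in text.splitlines() if l.strip()]


def max_events_in_window(timestamps, window):
    """Largest number of events that fall inside any interval of length `window`."""
    timestamps = sorted(timestamps)
    best = start = 0
    for end, t in enumerate(timestamps):
        while t - timestamps[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def triage(events, window=timedelta(minutes=2), login_threshold=5,
           probe_threshold=3, fp_min_clients=3):
    # 1. Brute force: repeated failed logins from one client in a short window.
    failed = defaultdict(list)
    for e in events:
        if e["method"] == "POST" and e["path"] == "/login" and e["status"] == 401:
            failed[e["ip"]].append(e["ts"])
    brute_force = {}
    for ip, ts in failed.items():
        n = max_events_in_window(ts, window)
        if n >= login_threshold:
            brute_force[ip] = n

    # 2. Forceful browsing: one client collecting 404s on many distinct paths.
    not_found = defaultdict(set)
    for e in events:
        if e["status"] == 404:
            not_found[e["ip"]].add(e["path"])
    probing = {ip: len(p) for ip, p in not_found.items() if len(p) >= probe_threshold}

    # 3. Tuning candidates: a rule that would have blocked the SAME path for
    #    many distinct clients whose requests the backend answered with 2xx.
    #    That pattern usually means the rule, not the traffic, is the problem.
    hits = defaultdict(lambda: defaultdict(set))  # rule -> path -> {client IPs}
    for e in events:
        if e["rule"] and 200 <= e["status"] < 300:
            hits[e["rule"]][e["path"]].add(e["ip"])
    tune = {(rule, path): len(ips) for rule, paths in hits.items()
            for path, ips in paths.items() if len(ips) >= fp_min_clients}

    return {"brute_force": brute_force, "probing": probing, "tune_candidates": tune}


if __name__ == "__main__":
    for section, rows in triage(parse_log(SAMPLE_LOG)).items():
        print(section)
        for key, n in rows.items():
            print("   ", key, n)
```

The first two sections are what the appliance would rightly have blocked; the third lists rule/path pairs to review before enforcement so that switching to active mode does not break a legitimate page.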
