Application Delivery Controllers (ADCs): The Security Tool You Didnt Know You Needed

Application Delivery Controllers (ADCs): The Security Tool You Didnt Know You Needed

Application Delivery Controllers (ADCs): The Security Tool You Didnt Know You NeededDowntime for even a few minutes can have a major impact on businesses’ bottom line and image. Businesses suffering from server downtime are subject to potential loss in sales, profits, productivity and customer satisfaction. In fact, the U.S. per record cost of data breach averages $194, according to Ponemon Institute.

Another unfortunate result of network outages and downtime is severe data loss, forcing businesses to cope with the cost of recreating data and the cost of notifying users in the event their data is compromised. As customers rely on access to a business’ website for purchases, support, information and services, 100 percent connectivity, 24/7 is imperative to businesses’ customer satisfaction.

Hackers and other security attacks are a source of server downtime and have consequently become a major concern for businesses. Fortunately, there are several preventative measures businesses can take to secure and protect their network against hackers and network infrastructure attacks. For example, application delivery controllers (ADCs), which are used primarily for traffic management and to ensure optimal application performance, are also equipped with security features that protect against the most common types of network attacks, meaning that businesses can utilize tools they already have to protect against oncoming threats.

Protecting Against Hackers

Hackers are a serious security threat for business of all sizes. Hackers are generally exploiting the network to discover the identity of the network content servers. After the hacker physically identifies the servers, he begins to work on cracking the security screen. This type of unauthorized access to sensitive data has the potential to cause serious consequences to businesses.

Fortunately, ADCs are equipped with several security features to protect networks against this type of attach. ADCs enhanced security capabilities prevent hackers from obtaining IP addresses of the network content servers by utilizing the NAT (Network Address Translation). The NAT protects the real IP address of the server that holds outside users in a DMZ, protecting the server from potential harm from the hackers.Application Delivery Controllers (ADCs): The Security Tool You Didnt Know You Needed

Network Infrastructure Attacks

Network infrastructure attacks generate large volumes of traffic to overwhelm the network appliances. These types of attacks are typically a planned and well-synchronized massive generation of incoming traffic that is aimed at the edge devices in a businesses’ network infrastructure. Network infrastructure attacks will penetrate as deep into the network as possible, with razor sharp focus on the network content servers.

ADCs add a layer of protection to the network infrastructure by mitigating attack vectors and monitoring all incoming requests. IPS/IDS and basic firewall functionality ensure that malicious attempts are not passed through to application instances. ADCs lie between the Internet and the application environment, putting them in a prime position to perform these functions.

For a complete implementation that can not only scale and withstand attacks, geographic site load balancers work in conjunction with local application delivery controllers to intelligently distribute user application traffic across dispersed data centers. Real time site monitoring coupled with configurable business-rule driven traffic steering algorithms results in the optimal use of a global data center fabric. In the case of multi-tier applications where an administrator is alerted to server resources requesting other servers through the ADC, and one random server exhibits anomalous traffic patterns, the ADC can block access to the offending server and act as an additional layer of protection against DDoS attacks.

Another common window of vulnerability in terms of application security is Missing Function Access Level Control exploits (a top 10 OWASP web app security concern). When developers create web interfaces, they have to restrict which users can see various links, buttons, forms, and pages but graphic design layers on top of HTML in terms of the web page look and feel often hide the exposed URLs.

ADCs can restrict which hosts and users can access fronted resources, as well as dictate which directories can even successfully be accessed. For most deployments the only successful traffic flow will be one that traverses the ADC for the request and the response, which helps to mitigate the amount of attack vectors that malicious efforts proffer. Additionally, as a reverse proxy, ADCs terminate TCP traffic, acting as a basic firewall in the strictest sense and only allowing explicitly allowed connections to ever make it through to the application infrastructure.

ADCs: A Key Security Tool

ADCs, while usually relied upon to improve the scalability and performance of business-critical applications running on the network, also serve as a key tool against network attacks. By utilizing the security features of ADCs, businesses can protect their networks against hackers and network infrastructure attacks to avoid any downtime while making the most of existing IT tools.

About the Author

Atchison Frazer is the CMO at KEMP Technologies.

Featured

  • Enhancing Security and Business Intelligence

    From border security to parking lots, ALPR has gained traction across multiple use cases as the technology becomes more accurate and affordable than ever. I spoke with Jason Cook, business development director at Vaxtor, a leader in ALPR AI-based analytics, and Rui Barbosa, category manager, Surveillance Products at i-PRO, a maker of AI-enabled security cameras, to delve into the latest advancements and applications of ALPR technology. Automated License Plate Recognition (ALPR) has transformed significantly over the years, evolving from a niche technology into a powerful tool for a wide range of applications, particularly in border security. Read Now

  • Leveraging Smart Sensors

    The integration of smart sensors with data-driven video technology provides schools with a comprehensive solution to enhance safety and security. This combination offers advanced capabilities such as environmental monitoring, audio analytics, vape detection and unified data management, empowering schools to create a secure and healthy learning environment for students and staff. Read Now

  • Unlocking the End-user Perception

    An observation as a creator of identity verification solutions is that while industry leaders are often excited by the opportunity to leverage biometrics, there are often concerns raised about the end-user mindset during the conversation. Primarily, what are end-users’ expectations of biometric technology? What concerns might they have about its usage to authenticate and protect their access? Read Now

  • 4 Killed, 9 Injured at Georgia High School Shooting

    Four people were killed and nine were hospitalized after a shooting at Apalachee High School in Winder, Georgia on Wednesday. That’s according to CNN. Read Now

Featured Cybersecurity

Webinars

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3