INetU Managed Hosting

Security in Layers: Web Application Firewall

March 16th, 2011 by Ed M.

First and foremost, it is important for you to be able to tell the difference between a firewall, an IPS/IDS, and a web application firewall.  All three are important security devices that help protect your environment and sensitive data in different ways.  A firewall will generally control who can access your system and who cannot.  An IPS/IDS will detect invalid or malicious packets that match particular signatures (usually provided by a vendor).  A web application firewall will not just inspect packets, but will actually inspect full requests and responses at the application level.

The following are just a few of the benefits gained by having a web application firewall in your environment:

  • A Web Application Firewall directly satisfies PCI Requirement 6.6 (from PCI DSS v2.0)
  • Provides protection at a high level, detecting not only malicious events, but also code exploits as well as other network anomalies.
  • Customizability.  Web application firewalls generally provide flexible rule engines as well as multiple logging solutions and default detection actions.

Of course, no piece of equipment is perfect and where there are advantages, there are also drawbacks.  I have found that rule customization, while entirely possible, can be tricky in the sense that custom rules need to be maintained as much as the application.  In addition, it is also very easy to create rules that generate false positives (in other words, rules that block both valid and invalid traffic).  Despite the difficulty in creating well-designed custom rules, web application firewalls usually come with a very solid core rule set.  ModSecurity, the open source web application firewall solution, boasts a core rule set that protects against generic SQL injection attacks, cross-site scripting, and even language-specific injections.
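The false-positive problem described above can be measured before a custom rule goes live. The following is an added example, not code from the original post or from ModSecurity: it replays labelled requests through candidate rules and lists the valid requests each one would block. The rule names, patterns and sample requests are all constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Hypothetical custom rules (names and patterns are assumptions for this example).
# Each regex is applied to every decoded parameter value of a request.
RULES = {
    # Broad rule: fires on any quote or on single SQL keywords.
    "broad_sqli": re.compile(r"(?i)'|select|union"),
    # Narrower rule: requires keyword sequences that rarely occur in normal input.
    "narrow_sqli": re.compile(
        r"(?i)\bunion\b\s+(all\s+)?\bselect\b|'\s*or\s+'?\d+'?\s*=\s*'?\d+"
    ),
}

# Constructed sample traffic: (query string, is_malicious).
SAMPLES = [
    ("name=O%27Brien&city=Allentown", False),
    ("q=select+a+hosting+plan", False),
    ("comment=credit+union+hours", False),
    ("id=1+UNION+SELECT+user%2Cpass+FROM+accounts", True),
    ("user=admin%27+OR+%271%27%3D%271", True),
]

def matches(rule, query):
    """True if any URL-decoded parameter value in the query matches the rule."""
    return any(rule.search(value)
               for _, value in parse_qsl(query, keep_blank_values=True))

def evaluate(rule):
    """Return (false_positives, false_negatives) for one rule over SAMPLES."""
    fp = [q for q, bad in SAMPLES if not bad and matches(rule, q)]
    fn = [q for q, bad in SAMPLES if bad and not matches(rule, q)]
    return fp, fn

if __name__ == "__main__":
    for name, rule in RULES.items():
        fp, fn = evaluate(rule)
        print(f"{name}: {len(fp)} false positives, {len(fn)} false negatives")
        for q in fp:
            print("  blocks valid request:", q)
```

Both rules catch the two malicious samples, but only the broad one also blocks a customer named O'Brien; rerunning a harness like this against recorded known-good traffic after every rule or application change is one way to keep custom rules maintained alongside the application.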

With all that said, it is easy to see that a Web Application Firewall is a good choice when looking to supplement the security in your environment.  Of course, I say supplement because no one device is going to provide perfect security.  Security is best accomplished through layers and as great as a web application firewall may seem, it does not replace a standard network firewall, an IPS/IDS, or even thorough code checks and patching.  However, when a Web Application Firewall is used in conjunction with all (or even some) of the above, it provides a new level of security that greatly reduces the risk of compromise to sensitive data.


How to Use Custom Monitoring to Measure Your KPIs

March 9th, 2011 by Chris K.

Server Health Monitoring, Keyword Monitoring and Transaction Monitoring are all tremendously useful tools to measure and maintain site uptime, but they are really just the tip of the iceberg in terms of custom monitoring. Why stop with just confirming your page is up when you can go a step further and track your Key Performance Indicators?

Key Performance Indicators (KPIs) are measurements of the performance of your business or business unit. A KPI is not to be confused with an objective. “I want to sell 1000 units in a day” is not a KPI. However, the actual measurement of how many units per day you sell and the measurements of the components that go into that result can be KPIs. If your business has a strong Web-based aspect, there is a good chance you have or could have several online KPIs to keep track of how you are doing.


Big News: INetU Offers EU Managed Hosting

March 3rd, 2011 by INetU

Effective immediately – INetU offers EU managed hosting in Amsterdam, Netherlands!

INetU’s Amsterdam data center currently supports the Dell servers and Cisco networking equipment we offer in our Allentown location. This includes Dell R410, R510, R710, and R910 series servers.  Supported Cisco network equipment includes ASA firewalls and ACE load balancers.

Here is how you can benefit from INetU’s Amsterdam Managed Hosting:

  1. One-Stop Management: If you have servers hosted with other providers in Europe, consolidating them with INetU means one point of contact and service level for your server management needs.
  2. EU Compliance: Compliance sometimes requires hosting sensitive data for European Union clients in Europe, so switching to our Amsterdam location might be a useful alternative to our EU Safe Harbor-certified Allentown location. The new data center complies with PCI DSS physical security requirements (Section 9) and INetU’s services and management practices address all other PCI DSS requirements.
  3. Local Hosting for European Clients: Hosting your European clients’ data nearby may be perceived as a benefit to them, and you’re ensured to receive the high service levels you’re used to by hosting with INetU domestically. While our world-class network performance means you already have fast delivery times into Europe, you might find hosting out of Amsterdam beneficial the further East your target audience gets.

As with our Chicago location, we are able to set up our Business Continuity Hot Site service to Amsterdam, which includes data replication between your servers at our Allentown facility and your servers at our Amsterdam location.

Look for more INetU locations in the future. If you have any interest in using INetU’s EU managed hosting, don’t hesitate to contact us!


2011 HIMSS Session: Securing Health Information on the Cloud

March 2nd, 2011 by Duane Z.

At the 2011 HIMSS show in Orlando, I spent the first day getting the feel for the show and into a rhythm with our team at INetU’s booth. Finally on the second day I was able to attend a session. The session I chose to attend was: Securing Health Information on the Cloud.

The speaker, Feisal Nanji (Executive Director for Techuman), did a great job of outlining cloud terminology basics for the purpose of framing his discussion.  While a highly technical audience may have found much of it to be a review, there were a lot of useful takeaways to help the less technically-minded attendees unravel the data security confusion that’s compounded by the “fuzzy” nature of cloud discussions.

In my opinion, this is where a lot of other thought leaders “miss”: they spew facts and statistics, but often don’t guide the audience to put their own problems in the correct context so they learn to ask the right questions.

Here are some of the key takeaways:

  • Cloud computing allows for:
      • Computing on-demand
      • Resource pooling
      • Rapid deployment of IT services
      • Easy measurement of what’s being used

See? Very basic.

However, because VMs are (by definition) virtual, it opens up a few questions when it comes to securing your data:

  1. If you don’t know exactly where your VM resides, how can you know if the facility that hosts it has the proper security policies in place?
  2. How much visibility will my cloud provider give me into access and authorization into my environment?
  3. What is the chain of custody of my protected data in the context of a particular provider’s services?

This encourages the user to go back to thinking about cloud security the same way he would think about security in a traditional datacenter model.  This leads to sound questions like:

  1. How is the facility being managed?
  2. What physical controls are in place to secure the individual environments?
  3. What are the security policies that are in place?

If you didn’t get to view Mr. Nanji’s presentation, you should know that it was a great overview for anyone taking their first steps into the cloud.  It took you from a place of confusion about security on the cloud to a place where you can ask the right questions of a qualified cloud provider (which will ultimately lead to the right solution for you!)

You can download the presentation’s handout via the 2011 HIMSS conference website: http://himssconference.org/handouts/.


INetU Interviews Our Client – Patient Point – At HIMSS 2011

February 23rd, 2011 by Jennifer D.

Whenever we attend a conference, we always learn one thing: it really is a small world!

That’s why we were able to chat briefly with one of our clients – Patient Point – who provides a self-service kiosk for patients to check-in electronically for medical appointments.  The kiosk also allows for pre-registration, scheduling, bill payment, and mobile charge capture.

Hear what Patient Point had to say to our vlogging team at HIMSS:

Thanks, team!  And thanks to Patient Point for meeting with us.  For more information about what their company does, you can visit them at Booth #6868 – they’d be happy to have you, and let them know you came from INetU!


©1996-2011 INetU Inc, All rights reserved.