Application Assurance consists of the people, processes and technologies to ensure responsive, survivable and secure application services. Application Delivery Controllers (ADC) are used today to deliver Application Assurance. Michael Bomba - Federal Solutions Architect - Kemp Technologies
Network Centric Warfare requires access to timely, trustworthy information during all phases of operations. The most common way information is accessed is thru applications. This white paper addresses the critical need to address Application Assurance to ensure survivable, secure and timely delivery of information to the operator.
We have spent millions in defending our networks, servers, PCs and mobile devices because we have recognized our mission (our business) depends on being able to access our applications reliably and securely. Sometimes we forget the reason for these investments is to assured access to information and many of us have not addressed application security properly.
Security best practices define security measures that should be employed at the edge of every network enclave. These measures include network firewalls, network intrusion prevention services, and application-level firewalls. While network firewalls have advanced to include some application level checks, they are not purpose-built for application security and more importantly, they are run by network security personnel, not application security personnel. What this typically results in is network security personnel adversely impacting application performance and availability while trying to address application security concerns.
The most informed resources you have on your applications are your application administrators. They know what the application needs to satisfy the consumer. They are responsible for fixing any application-level security issues; yet, they are often not in control of the technology needed to manage application security and overall risk. The technology they desperately need is currently embodied in Application Delivery Controllers (ADC).
In the past, ADCs were expensive, complicated and manpower intensive. This resulted in centralization of application delivery controllers and attempted management of these as shared resources for large numbers of applications. Setting these up for a large number of applications made it difficult to tailor them for each individual application. It also removed them from the people that need them, the application administrators.
Kemp ADCs focus on application assurance, delivering application security, availability and performance, to ensure you can execute your business no matter where your applications are hosted, all in an affordable and easy-to-use platform.
Placing Kemp ADCs closer to applications and enabling application administrators access to these devices will allow them to establish fine-grained access controls as well as establish appropriate application-level firewall settings to defend the applications and associated information they are accountable for.
Specific security features Kemp provides include SSL Reverse Proxy, distributed denial of service (DDOS) mitigation, web application firewall (break-and-inspect-and-defeat), URL matching and rewrite, pre-authentication, multifactor authentication, access control lists, FIPS 140-2 grade encryption, Domain Name Service Security (DNSSEC), support for enhanced key management and storage (external high security module support), extensive auditing, and integration with third party security management tools.
Until recently, the entry point for server Load Balancing and advanced application delivery was often cost-prohibitive for Government agencies with strict budget constraints. There are many metrics related to total cost of ownership (TCO), and often manpower becomes the single most expensive portion of TCO. Next generation ADCs focus on ease of use and allow for the use of junior network technicians for the operations of ADCs, as well as eliminating the need for expensive consulting services agreements that were the norm for legacy ADC manufacturers.
Today, affordable yet advanced Application Delivery Controller solutions providing intelligent features are now available. Kemp Technologies is proud to have been a pioneer in making this a reality for the various Government Agencies that have become clients of the Kemp LoadMaster platform.
Kemp Technologies is an industry leader in the Application Delivery space and works with Federal, State and local government clients across North America as well as with remote deployments of our Armed Forces to ensure the high availability and optimization of critical infrastructure and applications at a mere fraction of the cost of the competition. Kemp’s LoadMaster suite of Load Balancing and application delivery products simplify the management of networked application resources, while optimizing and accelerating user access to application services.
Kemp’s award-winning and field-tested LoadMaster Operating System (LMOS) are available as cloud appliances, virtual appliances, physical appliances and installable ISO. Kemp has solutions for Azure, Azure for Government, AWS, AWS GovCloud, VMware, Hyper-V, Virtual Box, KVM, XEN, and physical datacenters enabling Private, Public, Hybrid and traditional data center architectures.
Mission Assurance requires timely access to trustworthy information. Information must be available when applications fail inside a single data center and when entire data centers are unavailable. Application Assurance addresses the processes and technologies necessary to ensure Mission Assurance.
Application Assurance ensures the survivability, security and timely delivery of information to the operator. This is accomplished using commercially available application delivery controller technologies. Without ADCs, it is not possible to build information systems that guarantee availability of information, especially during degraded conditions.
Kemp builds to U.S. Federal standards. FIPS 140-2 certified encryption (we don't just claim we do encryption correctly, we have the federal labs test and the U.S. Government certify we do it properly) is included. Multifactor authentication (including Common Access Card certificate-based access) is included. Reverse proxy (ensuring no one can directly connect to your applications) is included. Web Application Firewall (to mitigate application level attacks) is included.
Kemp LoadMaster ADCs are listed on the DoDIN Approved Products List under the Cybersecurity Tools (CST) section.
Kemp Technologies’ application delivery controllers deliver easy to operate, cost effective solutions, to ensure critical applications will be delivered securely, reliably and without interruption. Learn more about Kemp Technologies at http://www.kemptechnologies.com
More Kemp Resources