Intrusions at application level could have disastrous effects on your organization. Application security may be applied on entry level, transportation level and content level.
Entry level security
Upgrading entry level security of applications is relatively easy. By applying an SSL VPN gateway, an appliance is placed before the application server. Within the SSL VPN system, entry to the application server may be restricted by means of unique usernames and passwords, preferably extended with token-based strong authentication. Also the application protocol is automatically enclosed within an encrypted SSL connection.
Additionally, strong authentication may be engineered into a web application directly. Vasco offers plug-ins for web servers.
Transport level security
VPN systems may be applied to protect transmission of data to and from an application server. To protect connections between clients and servers, SSL and IPsec VPN systems are used. With network to network connections, generally IPsec gateways are applied.
Content level security
An application server may also be secured on content level. At this level a transparent gateway is installed to check the validity of e.g. SQL, HTTP, FTP, VoIP.XML, DNS and other protocols. Sometimes, this functionality is available within a firewall, sometimes within an Intrusion Prevention system. A reverse proxy may enhance this system.