Web services may threaten enterprise security
Clear text messages used in transferring applications via Web services can potentially slip through existing security hardware allowing malformed code to run rampant within organizations.
Typically, malicious code such as Trojans and worms are detected at the gateway; however, current XML and SOAP attachments (Simple Object Access Protocol) can potentially allow threats to enter the network, as well as information leakage.
Dean Dierickx, Asia-Pacific director of Forum Systems, said existing firewalls are blind to XML -- and SOAP-based messages.
"Adding to the problem is security controls built into Web services applications, which offer a compromise in performance and as a result are systematically being turned off," Dierickx said.
"Because some tools allow developers to write security (like access control) into layers and because of how much demand it makes on the application server, the number of CPUs to parse and validate bogs down application performance; system operators are turning the security off because of application degradation issues."
Dierickx said the likes of Microsoft and BEA have made it easy to write Web services and security problems are now surfacing.
"We are now hearing of Schema poisoning and XML perimeter tampering, and probably another 12 different ways for Web services application breaches to [appear]," he said.
"For companies writing Web services applications using SOAP with attachments, systems need to be set up to scan and detect code coming in on an XML payload, because no existing infrastructure can detect if a company has been breached."
Amer Qureshi, director of Forum systems field operations, said scanning attachments for Web services applications is vital at the network perimeter, before the applications are allowed into the enterprise infrastructure.
"XML attachments work the same as e-mail, but there are no application servers exchanging information and people interact directly with the application; the attachments can be anything so it is vital to scan these documents at the edge of the perimeter before they are let inside the infrastructure."
Crossbeam Systems, in partnership with Forum Systems, released their unified threat management solution X-Series across Australia this week The X-Series is a three-blade chassis offering VPN, IDS/IPS, antivirus, HTTP scanning, URL filtering, Web Firewall, Application Firewall and XML firewall.
» posted by abennett
Computerworld Today
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
