Under Attack?
Search
Menu

The ADC Key Master Delegates Application Security Functions

By Frank YueAugust 3, 2017

One of the responsibilities of the Key Master is to provide access to the sensitive and secure information hidden within the locked facilities.  In my last post, I explained why the application delivery controller (ADC) is the Key Master for SSL/TLS communications on the internet.  It is the responsibility of the ADC to manage and distribute the access to the different essential security services.

Businesses purchase and implement a myriad of security solutions to protect their applications. Next generation firewalls, intrusion prevention systems (IPS), data leakage prevention (DLP), and web application firewalls (WAF) are just some of the diverse security solutions that companies use to ensure the safety of their applications.

Most of these security solutions are not designed to decrypt high volumes of encrypted content. They are designed to inspect application communications in order to validate the content, identify the threats, and block the malicious attackers. The resource and cost burden to decrypt the content is high. It does not make sense to apply the decryption and encryption process within each security service.

[You might also like: You Cannot Do Application Delivery Without Security]

Manage the process, not the service

This is where the ADC can be of service. The ADC is the central point for managing application encryption and provides the high-performance decryption technology. As the Key Master, the ADC becomes responsible for access to the decrypted application content.

There are three functions that the ADC performs that makes it the perfect solution for this inbound SSL inspection architecture.

• First, the ADC is a load balancer. The ADC evolved from the load balancing technologies developed in the 1990s. As a load balancer, it is designed to manage the connections to pools of devices. These devices can be the typical application servers or they can be the security services that need to inspect the unencrypted application content.
• Second, the ADC has the software and hardware enhancements to manage the high-performance encryption and decryption needs. Over 50% of the internet is encrypted today. Security and privacy concerns are driving organizations to increase the application encryption requirements.
• Third, the ADC uses service chaining to send the decrypted content to multiple security devices. The Key Master controls and directs the sensitive application content to multiple security services. The application content only needs to be decrypted once to steer the traffic to the security services because it is the central point of encryption management.

With great power…

The ADC is designed to be the central management point for all things related to application encryption. This functionality means that it is responsible for managing all of the corollary security services that need access to the protected content.

Fortunately, the ADC has the pedigree of load balancing technology and is well positioned to be the Key Master for application security services that are required within today’s vulnerable internet. Businesses are prudent to take advantage of the ADC capabilities to enable the critical security functions that application networking requires.

6_tips_sla_document_cover

Read “Keep It Simple; Make It Scalable: 6 Characteristics of the Futureproof Load Balancer” to learn more.

Download Now

Posted in: Application DeliveryTags:

Frank Yue

Frank Yue is Director of Solution Marketing, Application Delivery for Radware. In this role, he is responsible for evangelizing Radware technologies and products before they come to market. He also writes blogs, produces white papers, and speaks at conferences and events related to application networking technologies. Mr. Yue has over 20 years of experience building large-scale networks and working with high performance application technologies including deep packet inspection, network security, and application delivery. Prior to joining Radware, Mr. Yue was at F5 Networks, covering their global service provider messaging. He has a degree in Biology from the University of Pennsylvania.

Related Articles

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Contact Us Now

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
Close

What are you looking for?