ebusiness at eBusinessProgrammers.com ::   Putting 'e' in your Business.
eBusiness ConsultantseBusiness consultants
Monitoring Technology
ECommerce Vs
EBusiness Security
Case Study
Case Study
Contact Us
About Us
Partner With Us

GoECart Ecommerce Solution

Within five years of time, all companies will be Internet Companies or they wont be any Companies at all.

~ (Groove 1999)
Monitoring Technology

By implementing authentication and authorization technology, a business can ensure that specific e-business resources such as applications and databases are protected from unauthorized access. Even so, there is a need for monitoring technology that can keep track of potential security problems for the network as a whole. Malicious attacks on business Web sites have become a well-publicized phenomenon. Successful attempts to penetrate the security of business systems, or bring Web sites to a halt by generating huge amounts of traffic, regularly make headlines. It may not be possible to completely eliminate the business risk caused by such attacks. However, it is possible to take advantage of new technology that can help minimize the risk by identifying the threat and enabling the organization to react quickly. To protect themselves against attacks, organizations have traditionally implemented a variety of technologies at the network boundary. These include:
  • Firewalls aimed at excluding attackers by admitting only certain types of network traffic
  • Intrusion detection systems that monitor the network or specific resources for anomalies such as the presence of unauthorized traffic
  • Filters to remove viruses before they spread to thousands of desktops
In addition, specific network elements such as Web servers, routers and application servers may attempt to detect problems. As a network grows, so does the number of these devices. Each of these products generates information designed to alert administrators to potential dangers. This, however, rapidly leads to an overload of management information. Network problems may result in streams of alerts being generated by multiple products that detect the problems. Though each specialized product may be effective at sensing the problem, there is no coordination between them. In addition, not all alerts can be relied on to accurately indicate a real problem. Products such as intrusion detection systems generate numerous “false alarms” in an attempt to warn of network anomalies. The result is that floods of alarms often swamp administrators. Dealing with this consumes large amounts of administrators’ time and hinders them from determining the real causes of the problems. This poses a considerable risk, because of the delay in being able to react to the original network intrusion.
However, technology is now available to ameliorate this problem. New monitoring tools correlate all of the information from these data sources and help determine and prioritize which are the most important events. To be most effective, the solution needs to interface with a wide range of security products and other sources of network alarm data and interpret the alarm messages coming from them. Because the number of potential data sources is vast and growing, this is not an easy task.

Once the applications are online, it is vital to ensure that access control lists are kept up to date and in step across multiple applications, and to make sure that as security policies change, those changes are simultaneously reflected across the whole e-business environment. Each of these steps is an opportunity for error, inconsistency or delay, and can result in security loopholes. An alternative approach is now possible. Technology is available that provides a security infrastructure for all of an enterprise’s Web-based applications, eliminating the need to code and maintain security logic for each application. This approach has been accepted as a standard method for developing mainframe applications for years, but the technique is only now being extended to Web applications.
The technology correlates alarms from each of these devices to present administrators with a clear view of the real problem. The goal is to identify which alarms refer to the same problem and to eliminate the overhead caused by dealing with false alarms.
Automating responses to routine problems:
Some events, such as the detection of a virus in incoming email, can be clearly identified by the monitoring technology, and therefore can be handled with a routine response. For this type of event, the technology can be set up to take automatic action, saving administrators considerable work in dealing with unambiguous everyday problems.
Because this technology is integrated with an enterprise console, it can use the administrative features of an enterprise management system. These include the ability to delegate different management problems to different administrators. Administrators and security managers also can use capabilities of the enterprise management software to analyze network security by viewing historical reports of network data.
Enterprises that take advantage of e-business can reap the rewards of increased revenue, streamlined processes, and closer ties to suppliers and customers. However, the increased reliance on Web-based applications and the desire to open up networks to partners and customers inevitably generates greater concerns about the complex area of Internet security. These concerns are likely to grow, as the Internet becomes an even greater part of everyday life. Implementing an effective Internet security strategy is not easy. Still, new technologies enables businesses to make the security of Web-based applications much more manageable. These technologies provide ways to centrally implement policies to enforce security for all e-business and legacy applications. In addition, they accomplish this while retaining the flexibility to allow specific users and groups access to only the applications they need. By using these technologies, organizations will be able to implement approaches to e-business security that is as strategic as their overall approaches to e-business. Simply buying key technologies will not automatically solve problems. Expertise and careful implementation strategies are as critical as ever. When dealing with multi-faceted problems, organizations will find considerable benefits in seeking the help of experienced consultants and implementation partners. With the right help and technology in hand, Internet security may not seem as daunting a task.
Signup for Newsletter
E-Business White Papers

©2007 www.eBusinessProgrammers.com. All rights reserved.
Ecommerce Solution and Offshore Software Development Powered by MachroTech, a leading ECommerce Software Company
legal privacy
Your information highway http://www.eCommerceProgram.com  
Your premiere destination for Offshore IT Development http://www.OffshoreITOutsourcing.com