Protecting truckloads of data on the information superhighway

SSL Journal

Subscribe to SSL Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get SSL Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Top Stories

Security Journal on Ulitzer So you’ve bought into the idea of service-orientation. Congratulations. You’ve begun to create services throughout your internal corporate network. Some of these run on .NET servers; others are Java services; still others are Ruby-on-Rails—in fact, one day you woke up and discovered you even have a mainframe service to manage. But the question you face now is this: how can all of these services be made available to consumers on the Internet? And more important, how can you do it securely? Most organizations buffer their contact with the outside world using a DMZ. Externally facing systems, such as web servers, live in the DMZ. They mediate access to internal resources, implementing—well, hopefully implementing—a restrictive security model. The DMZ exists to create a security air gap between protocols. The idea is that any system deployed ... (more)

The State of Code Integration?

Many things are intended to work together, but require specific knowledge to get the outcome you desire. Automobiles and trailers, for example, require a trailer hitch, and not just any trailer hitch, but one with a ball the correct size to work with the trailer, and wire connectors that will plug in. It’s all in the interface, but once you have the knowledge and get it all hooked up, you can haul a lot more with the combination than with the vehicle alone. There are, of course, many similar examples in the world, and ours is somewhat rudimentary, but does get the point across. ... (more)

It's Like Load Balancing. On Steroids

What is this application delivery thing that everyone keeps telling me I need? Isn’t that just the latest marketing term for load balancing? A recently released Forrester report concludes that “firms must develop and integrated strategy for application delivery.” We don’t disagree with that, or with the Gartner report claiming that “Load Balancing is Dead, Time to Focus on Application Delivery.” Application delivery is the next step in the logical evolutionary path from the tactical solution of load balancing to a comprehensive application infrastructure strategy. Forrester’s re... (more)

Configuring JMX in WebSphere 8.5

Like most application servers, WebSphere 8.5 has a rich management infrastructure based on JMX, or Java Management Extensions. In fact, the WebSphere administration console uses JMX to connect to the server to issue queries and perform administrative operations. In a previous post I showed you how to secure JBoss’ JMX connector. While there is a lot of information out there on how to connect to WebSphere via JMX, most of the examples involve either disabling SSL, or worse – disabling security globally. So let’s see how we can access WebSphere’s JMX connector remotely in a secur... (more)

Don’t Say a Word

This will probably be a short post since there are not that many security terms that begin with the 17th letter of our alphabet.  However, keeping Quiet is a common theme in security. As mentioned numerous times, locking passwords, logins, and other sensitive information in your mouth vault keeps them from leaking to others.  Social Engineering has always been about compromising that vault.  Recently there was a post by Roger Thompson, AVG’s Chief Research Officer, which actually suggested to Write Down your passwords, especially complex, hard to remember passwords. While this ... (more)

Scale your Web Presence Globally via GoGrid Content Delivery Network (CDN)

Yesterday GoGrid and EdgeCast Networks jointly announced the availability of the GoGrid CDN (Content Delivery Network). With the GoGrid CDN (currently in beta), GoGrid customers can scale their web presence as well as accelerate the delivery of web content using the GoGrid CDN global infrastructure. What is unique about the GoGrid CDN (powered by EdgeCast Networks) is that it is a pay-as-you-go service with no contracts or usage requirements. Also, the CDN boasts 16 Points-of-Presence (PoPs) on 4 continents. There is no need to set up specific zones as your coverage is truly globa... (more)