Radware Report Reveals Role of ADC in Enterprise Security

The digital security threats enterprises face are no longer restricted to mischievous hackers looking to test their coding prowess. As the recent Sony incident highlighted, it can come from anywhere and result in losses totaling tens of millions of dollars, ruining the reputation of a company and its employees. The threat landscape is growing and getting more sophisticated as global criminal organizations, state sponsored entities, hacktivists and others now part of the problem.

A report by Radware, provider of application delivery and application security solutions for virtual and cloud data centers, has revealed everyone is susceptible, and Application Delivery Controllers (ADCs) are playing an important role as critical security controls and strategy for enterprises.

An ADC manages client connections to Web and enterprise applications as well as directing the flow of data between two entities. As more enterprises move to the cloud and make their IT resources available from virtually anywhere, the role ADC plays in improving security has increased.

The report, titled “The Expanding Role and Importance of Application Delivery Controllers (ADCs),” was a collaboration between Radware and Enterprise Strategy Group (ESG), an IT research, analysis, and strategy firm, focusing on the use and future strategies of ADCs. The research covered 243 IT professionals in enterprise organizations with more than 1,000 employees based in North America.

“Organizations now rely on ADCs as an important part of their overall security strategy, and like other layers in infrastructure, ADCs are moving from physical to virtual – providing added and necessary flexibility in network management,” said Jon Oltsik, senior principal analyst, ESG

 Some of the key points the survey identified were:

• The use of ADCs in both large and small enterprises, supporting hundreds of Web applications for business analytics, CRM, email and human resources. A vast majority of organizations (82 percent) stated the number of ADCs will increase substantially or increase somewhat at their organization.
• More organizations are using ADCs as an added layer of defense beyond perimeter security devices (e.g., firewalling, IDS/IPSs, network segmentation). This includes 76 percent of organizations expecting their use of ADC security capabilities/functionality to increase in the future, while 49 percent are now leveraging the security capabilities on all ADCs, and 44 percent leverage the security capabilities on ADC-supported applications with sensitive data.

The functionality of ADCs is being used from the network through the application layer as more organization deploy it as virtual appliances. Although physical ADCs make up the majority, two-thirds of organizations have deployed a combination of physical and virtual ADCs. Respondents said it has provided higher level of availability (49 percent); improved response time (47 percent); better access to applications (44 percent); and an enhanced security posture (36 percent).

 “ADCs can be programmed and fine-tuned at the IT infrastructure, security policy and even business level, providing a degree of flexibility that is difficult or impossible to implement in other IT technologies,” said David Aviv, vice president of advanced services, Radware.

As the report looked ahead, it asked executives their thought about the future, and whether they expected more attacks, fewer attacks or the same amount of attacks. The unanimous response was, they expect more attacks. With threats originating from many different sources, organizations must use all available resources to lessen the damage of the attack that will eventually take place. The ADC solutions Radware provides in combination with its security service, including cloud scrubbing, DDoS & DoS attack prevention, SSL attack mitigation, Web application firewall, PCI compliance and SSL sniffing is one stopgap measure in the evolving nature of cyberwarfare currently taking place.

Edited by Maurice Nagle