BEA Systems, Inc, the world`s leading application infrastructure software company, today announced it is addressing a major IT challenge for enterprises with BEA WebLogic Enterprise Security -- a powerful and unique application security infrastructure solution.
By incorporating its industry-leading application infrastructure expertise into BEA WebLogic Enterprise Security, BEA can help enterprises strengthen application security, enable secure information access and improve IT efficiency.
Application security represents a major challenge for enterprises that want to expand their business processes by adding new users like partners and suppliers, while maintaining appropriate levels of security.
"Gartner estimates that 70% of security incidents that actually cause loss to enterprises - rather than mere annoyance - involve insiders. This finding should surprise no one. Insiders create an enterprise`s products and deliver its services, and efficient access to sensitive information is essential to its efforts to bring profitable products to market quickly and competitively. Nonetheless, enterprises must find the balance between completely open internal access and overprotective security that hurts business." Gartner, Inc, "High-Profile Thefts Show Insiders Do the Most Damage", John Pescatore, 26 November 2002.
Enterprises have traditionally tried to resolve this issue by hard-coding security into individual applications. The results have been disparate security silos that need to be manually updated whenever an enterprise wants to add or remove a constituent, or change security levels of users within its applications - a tactic that increases risk and inflates costs of development, integration and administration.
BEA`s patented, distributed architecture and service-oriented approach is designed to allow for centralised security policy visibility and control without sacrificing enterprise performance, scalability and reliability. Also, BEA`s standards-based framework easily integrates into diverse IT environments as well as existing third-party security solutions, which removes the need for costly and time-consuming hard-coding by developers, and places the power of application security into the hands of security administrators.
"CAP selected BEA`s application security solution to manage access for nearly 16 000 physician members and the laboratory community distributed throughout the world," said Mike Miller, CIO, College of American Pathologists. "BEA provides us with the unique capabilities to implement our application security requirements in a manageable and scalable fashion across a heterogeneous IT environment. CAP is widely considered the leader in laboratory quality assurance and is an advocate for high-quality, cost-effective medical care."
Service-oriented approach
BEA WebLogic Enterprise Security`s service-oriented approach replaces individual security silos with a shared application security infrastructure. The service-oriented approach allows existing security technology and code to be abstracted from individual applications, and turned into distributed enterprise "security services" that can implement and manage security requests on behalf of applications across the enterprise. This approach strengthens security while also increasing IT efficiency through reuse. BEA WebLogic Enterprise Security also offers out-of-the-box default security services that include: authentication, identity assertion, credential mapping, dynamic role mapping, rules-based parametric authorisation, and auditing.
Patented distributed computing security architecture
Unlike traditional approaches to application security that are based on client server architecture, BEA WebLogic Enterprise Security leverages a patented distributed computing security architecture that allows centralised policy control and visibility without hindering enterprise performance, scalability and reliability.
BEA`s unique and powerful provisioning capabilities allow security policy updates to be efficiently distributed to relevant policy decision and enforcement points, minimising network traffic and bandwidth requirements. Additionally, security policy that governs what a user can see and do can be evaluated in a high performing manner because security policy decision-making and enforcement points reside at the applications and resources they protect.
Enterprise security integration
BEA WebLogic Enterprise Security is designed to easily integrate into heterogeneous IT infrastructure, including diverse Web servers, application servers and custom applications. BEA`s open, standards-based architecture assures a seamless fit into existing architecture, eliminating the need for developers to hard-code application security integration. By allowing developers to focus more on value-add for their applications, BEA WebLogic Enterprise Security can help enterprises dramatically reduce application security complexity and improve overall IT efficiency.
Third-party interoperability
The open, interoperable framework of BEA WebLogic Enterprise Security ensures an organisation can easily integrate third-party security technologies to protect current and future security investments. These third-party technologies can be exposed as additional security services, which can then be leveraged throughout an enterprise. Additionally, BEA is committed to creating and supporting security standards, like the Security Assertion Markup Language (SAML), that can drive interoperability between heterogeneous systems, and can assure customers that BEA will continue to offer IT choice and flexibility.
"BEA WebLogic Enterprise Security is the industry`s best solution for allowing customers to deploy and manage application security policies with an open, standards-based, service-oriented framework," said Olivier Helleboid, executive vice-president for products, BEA Systems.
"Replacing the traditional proprietary, application-specific security solutions, BEA WebLogic Enterprise Security, with its patented distributed architecture, is designed to bring a true heterogeneous approach to enterprise security, while reducing complexity and cost. BEA WebLogic Enterprise Security embodies our industry leadership in architecture, standards and integration to help customers build, deploy, manage and secure applications and services to achieve faster time to value."
Share
BEA Systems, Inc (Nasdaq: BEAS) is the world`s leading application infrastructure software company, providing the enterprise software foundation for more than 13 000 customers around the world, including the majority of the Fortune Global 500. BEA and its WebLogic brand are among the most trusted names in business. Headquartered in San Jose, California, BEA has 81 offices in 34 countries. BEA Systems is the appointed distributor of BEA Systems Inc in SA and the southern African region. Headquartered in Johannesburg, BEA Systems has a satellite operation in Cape Town.
Visit our Web site: www.beasys.co.za or contact us telephonically on +27 11 257 3800.
Editorial contacts