[Agenda] [Examples] [Network Partitioning] [Concepts] [Policy] [Process] [Organization] [HW-SW] [Cases studies] [Conclusion] [Resources]
[first slide] Application layer controls [previous slide] [next slide]
* Network Partitioning applies security at the network layer with IP filtering
o IP filtering can go up to application layer controls
o Within the same session with cut-thru proxies
o Many existing filtering devices use application proxies when necessary

* Application layer controls you may find
o Commands within a protocol
- GET vs PUT in FTP
- Databases SELECT in SQLNet
- Fields size in SMTP
o Data type
- Word document, Java mobile code, ActiveX mobile code
o Content-filtering
- Hidden mobile code: Javascript in HTML, macros in Word, Excel, etc
- XML Signature
- Virus detection
*********************************************************************
HSC ® © Hervé Schauer Consultants December 1999 - 142, rue de Rivoli - F-75001 Paris - France
Phone: +33 141 409 700 - Fax: +33 141 409 709 - Email: <secretariat@hsc.fr>
- Page 29 -