Wednesday, November 5, 2008

WebSphere Application Server V7.0 What new for Security

WebSphere Application Server V7.0 shipped some exciding new features for Security. WebSphere delivered a rich set of feature in providing greater granularity management of security controls, offering new Audit and Complicate features, and enhanced secure Proxy to meet your business.

Our new WebSphere Security Domains provide greater granularity management of security controls by offers more flexibility in configuring security under centralized management. WebSphere Security Domains is designed to allow for a separation of WebSphere administrative security and your business application security. For example, Business applications can be configured to use your external LDAP registry while the WebSphere administration can use your Federated Repository’s file base registry containing internal user. Further granularity can be further expanded between business applications by allowing separate security configuration between business applications using new security configuration scoping to a cell, a cluster, or application server level. This new level of security granularity provides significant new flexibility in the security mechanism implemented across various application portfolios.

Our new WebSphere Security Auditing feature offer enhanced complicacy and auditing capabilities. The auditing capabilities allow tracks a number of security related events. For Example of administrative actions that can be logged include: security configuration changes, key and certificate management, and access control policy changes. Business applications can be audited to record a number of security events such as authentication or authorization attempts. This new security logging and auditing capability ensures accountability for administrative actions. In addition, we offer a temper proof audit file to prevent any tempering of recorded audit data. For z/OS customers, the generated Auditing data optionally intergrades with the z/OS System Management Facility leveraging by recording the WebSphere Auditing data as part of the Auditing Type 83 records.

Our WebSphere Secure Proxy has been become a lot easier and more. The WebSphere Secure proxy offers a new DMZ Hardened Proxy profile option. The DMZ Hardened Proxy improves security by minimizing the number of external ports opened, loading only signed JARs, and running as an unprivileged user when binding to well known ports. Both static and dynamic routes are supported by the DMZ Hardened Proxy.

We encourage you to visit our WebSphere Application Server’s Infocenter under What New for more information on these features as well as the many other exciding features we are offering for WebSphere Application Server V7.


Nev said...

I presume that the second of the two new features is not only there to make the users job harder... or do you meant "compliancy"?

Steve Kinder said...

Nev, I presume you are speaking of Bill's description of the auditing capability. Its purpose to provide enterprise customers with a form trail of change history that can be protected from alternation by the people making the changes. It is merely to provide a credible, unchangeable history for those companies who may have regulatory or business processes that require a strict audit record of change.

Randy Schnier said...

Heh, yes...I think it's just a typo. Instead of "complicacy" it meant to say "compliancy."