Web Security Infrastructure Study. For a Multinational Life Insurance Company. Topics Current State Concerns Recommendations. Presentation by Kankan Roy. Present Web Security Infrastructure. The security is built on the following components and their replication for hi-availability:
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
For a MultinationalLife Insurance Company
Presentation by Kankan Roy
The security is built on the following components and their replication for hi-availability:
Cisco 11503LB Load balancer
Amber point plug-in (for transparent re-direction)
ISA 2004 for NAT, Firewall, isolation of internal network
XML firewall (XS40), WebService Gateway (XI50)
External Active directory having trust relationship with internal AD granting security principals from external domain to access resources in the internal Windows forest.
External AD is used for Authentication and implemented by Security Configuration Layer (Web Applications’ web.config file). Given below is a snippet from a web application site:
Current AD based RABC identifies Web Directories as only Target using Web.Config
Device Interface for Authentication Mechanism can be any as per the user device interface (Form, Inter-active Voice/Phone, text Message)
Web Security Server uses Access Manager User Registry to Create Access Manager User Credential used for the duration of the session