"If it's web or secure web let it [potentially malicious traffic] go through".
This is where newer systems show their value in Caleno's eyes. While next generation firewalls do a solid job when it comes to detecting and blocking known attack vectors, business aware systems - that know the difference between a correctly formed and contextually valid HTTP request and a correctly formed but contextually invalid request that is not congruent with business processes and rules - are becoming increasingly important.
This is the difference between a next generation firewall and a business-aware web application firewall can do - and this is where Caleno sees Citrix's advantage and they can track everything that is happening from the application, running in a data centre, to the secure end-point device.
"It's about what fits into the valid business rules and what looks like a valid HTTP request," he says.
Caleno told us Citrix's CloudBridge solution can also secure data exchange between different infrastructure components. In today's cloud-enabled enterprise, it's possible that compute, applications, storage and other services may be separated from each other. Hence, there's a need, in company security policies, to reconsider how data is secured between components that historically resided in the one device or data centre.
Source: CSO Australia
Sign up for CIO Asia eNewsletters.