Application Security

Array application security provides hardware SSL encryption, certificate-based access control and deep packet inspection to secure end-user transactions and protect servers and applications while maintaining application performance.

SSL Encryption

SSL encryption is essential for e-commerce, healthcare and financial services applications, cloud services and other business critical processes that leverage the Internet. APV Series appliances encrypt all secure transactions using SSL and offload bulk encryption processing and key exchange from servers to enable improved availability, server utilization and end-user response times. Delivering industry-leading scalability and price-performance for both 1024 and next-generation 2048-bit encryption, APV appliances provide enterprise and service provider-class secure transaction processing that is both modern and cost-effective.

Certificate Management

Array’s hardware SSL module eliminates the need to purchase and install SSL certificates for every server in the data center; one certificate representing an SSL enabled DNS can be installed on the APV appliance to greatly reduce the cost of certificates and annual renewals. APV appliances also support up to 256 unique SSL enabled DNS names on a single system, making them scalable platforms for deploying cloud and managed service offerings.

SSL Client Certificates

APV Series appliances can concurrently validate hundreds of thousands of SSL client certificates to perform authentication and authorization on behalf of applications. APV appliances can extract any SSL client certificate field, including custom fields, and pass the information to applications via HTTP headers, URLs and cookies for enhanced access control. APV appliances are fluent in a range of cipher suites and certificate formats and allow administrators to set precedence for custom cipher suites. In addition, the high-performance Array CRL module can concurrently revoke millions of client certificates for validity without impacting system or application performance.

Application Security

APV Series appliances integrate application firewall capabilities including rich deep packet inspection and application layer protections. APV appliances support content filtering, HTTP access method filters and URL filtering capabilities and protect against targeted attacks that include cross-site scripting, SQL injection, forceful browsing, cookie poisoning and malformed URLs. By understanding SSL Session ID, cookie and HTTP header information, APV appliances can effectively gain control over application sessions, thereby protecting against identity theft, session hijacks and cookie tampering. APV Series appliances also protect applications from buffer overflow attacks, parser evasion attacks and directory traversal attacks in addition to providing high-bit shellcode protection.

Network & Server Security

APV Series appliances are security-hardened to protect applications and servers from DDoS, Syn-flood, tear drop, ping-of-death, Nimda and many other attacks. It also integrates extensive network firewall capabilities including access control lists (ACL), network address translation (NAT), and stateful packet flow inspection to guard against unauthorized access without impacting system or application performance.

Standards & Compliance

Many organizations, such as those in the healthcare, government and financial sectors, are subject to regulations at many levels and require IT infrastructure with both the flexibility and security to fully meet requirements. Accordingly, APV Series network, server and application layer security is compliant with all PCI-DSS and HIPAA standards.