More and more enterprises are mobilizing their workforces – either via corporate mobile deployments or, increasingly, via the bring-your-own-device (BYOD) phenomenon. The growth in enterprise mobility creates a number of significant benefits, including:
Typically, in a corporate mobile deployment or BYOD scenario, smartphones and tablets will be leveraging rich apps that converse with an enterprise backend that uses relatively new message formats and transport protocols like XML, JSON and WebSockets, rather than HTML. A traditional Web Application Firewall (WAF) is not able to address these protocols.
Whether a client app is HTML5 or native, interactions with an enterprise are now executed over APIs using either a request/response or streaming message pattern. This creates a new attack surface that requires a new Mobile Application Firewalling approach to data and application security.
Layer 7’s SecureSpan Mobile Access Gateway ships with Mobile Application Firewalling functionality focused on mobile-specific API and data security. The Mobile Application Firewalling features of the SecureSpan Mobile Access Gateway protect backend applications against data tampering or threats in mobile data formats like XML and JSON.
Moreover, the Mobile Application Firewalling features of the Mobile Access Gateway protect REST and OData APIs against attack while also proxying important new streamed protocols like WebSockets and XMPP.