Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Monday, May 5, 2008

Mash Up?

You may have been hearing the term "mashup" more and more when referring to web pages and websites. But what's the implication for the IT administrator, the end-users and the security proxy?

First we have to talk about what a "mashup" refers to. A mashup web page is when a web page or web application delivers content on demand that is a combination of different mediums and applications. The wikipedia link above to the definition of mashup uses the example of when google maps are used in a real estate page to build a full page combining not only map data, but photos, video and other information for the end-user. The key here is personalized content.

That's great for the end-user. It means getting better information, quicker than ever before. But it may become the IT administrator's nightmare. The biggest problem with the mashup is that the old web security technologies in proxies may not be able to recognize the threats that come in the form of a mashup. URL databases that do web crawls may not necessarily get the same information that the end-user gets, because the personalized content will be delivered based on the end-user's history with the website, something the web crawler won't have.

As the web becomes more and more dynamic the old URL databases and database filtering will become less and less relevant for companies that are trying to enforce web access policies. A company with a policy against pornography in the workplace, may find it more and more difficult to enforce this policy with just URL database filtering. More and more, it will be necessary to evaluate web pages real-time based on actual content being delivered to the end-user and the need to evaluate embedded URL's in delivered content. An embedded URL in a mashup needs to be evaluated independently of the web page, as it can come from anywhere in the world wide web. Unfortunately web reputation is going to be less and less important as more well known websites get infiltrated.

What does all of this mean for the IT administrator? It means ensuring they have the latest security tools in their proxy's arsenal. Real time virus scanning, real time URL categorization, and embedded URL checking are just a few of the technologies the IT administrator needs to be looking for in their proxy. It's going to be important to keep track of new technologies as they evolve and make sure they get deployed successfully after a reasonable testing phase.

No comments: