Chapter 2 Security Planning; Application Gateway Security Overview - Nortel 1000 Integration Manual

Chapter Chapter 2
Security Planning

Application Gateway Security Overview

Security is a major issue in conducting any business. This chapter provides
an overview of Application Gateway security. This chapter is not intended
to be a comprehensive guide to planning a security strategy, as these
issues will vary by organization. However, this chapter provides a starting
point for security planning and outlines how the Application Gateway is
capable of addressing a wide range of business and enterprise policy
requirements.
The following topics describe Application Gateway security:
Application Gateway Security Overview, page 7
General Security Issues, page 9
Application Gateway Security Solutions, page 11
The Application Gateway is a transparent network appliance. It leverages
existing security infrastructure to provide seamless, end-to-end, secure
communication between devices and enterprise application servers. The
Application Gateway sits behind a corporate firewall, uses standard
security mechanisms, and is resistant to invasion.
Many devices, including IP telephones, lack security and encryption
features. The Application Gateway, when used with secure web and
application servers, can reduce the potential security issues associated
with using such equipment.
Because IP phones themselves do not have security policies,
communication between the Application Gateway and IP phones is over
an insecure channel. However, the Application Gateway can be deployed
behind a firewall to provide a secure gateway to protect IP telephone
connections beyond the firewall.
Application Gateway Network Integration Guide
7