Tutorials Client ServerClient-server environments are popular because they increase application processing efficiency while reducing costs and gaining the maximum benefit from all resources working together. These benefits are gained by splitting processing between the client machine/software and server machine/software. Each process works independently but in cooperation and compatibility with other machines and applications (or pieces of applications).
All independent processing must be performed to complete the requested service. Cooperation of application processing produces another client-server advantage, it reduces network traffic. Since each node (client and/or server) performs part of the processing within itself, network communication can be kept to a minimum. For example, static processes, like menus or edits, usually take place on the client-side. The server, on the other hand, is responsible for processes like updating and reporting.
There are three components to client-server environments: the client, the server (there may be multiple servers), and the network. The network bridges the physical and functional separation between the client and the server. The multiple connections possible between clients and multiple servers really provides the visual of a web or network. Networks provide a flexible environment where clients can mix and match hardware, software, and operating systems.
However, the very characteristic that make client-servers popular are also what make it the most vulnerable to breaches in security. It is precisely the distribution of services between client and server that open them up to damage, fraud, and misuse. Security consideration must include the host systems, personal computers (PCs), local area networks (LANs), global wide area networks (WANs), and users. Because security investments don’t produce immediately visible returns and client-server buyers sometimes don’t educate themselves about security, this area of development is often overlooked until a problem occurs.
This article will discuss the different components of client-server technology that require security. Finally, we will discuss endpoint security and its most common forms, such as firewalls and anti-virus technology.
Desktops are the front-end system devices, the ones that deal most directly with user input. They are also the least secure environments in client-server models. Clients connect to servers and these connections, if left open or not secured, provide entry points for hackers and other intruders that may use data for nefarious purposes. Aside from physical client security in the form of disk drive locks or diskless workstations that prohibit the loading of unauthorized software or viruses, accessibility to all files stored on a workstation operating system is the other gaping security hole in clients.
For example, the machine assumes that whoever turns on the computer is the owner of all the files stored on it. They even have access to configuration files. This could result in sabotage or the leaking of sensitive data. The transmission of corrupted data may also occur on the level of the operating system, outside the realm of client-server application security, as data is transferred to different tiers of the architecture.
However, the primary culprits of breaching client security are not hackers or viruses, but the users themselves. The front-line of defense in client security is user identification and authentication. The easiest way to gain illegal access to computers is to get users’ login ID and passwords. Sometimes users pick short or easily guessed passwords or share their passwords with others.
Password management provides a security measurement for this by requiring a minimum amount of characters to be used in passwords checking passwords for guessability, and regularly asking users to change their passwords. For example, more organizations are adopting policies of ‘passphrases’ rather than passwords that are more complicated and harder to identify or guess.
According to ‘networkworld.com’, which conducts tests on new technology to compile its ‘best products’ issue, the best client-side security product is McAfee’s Secure Web Gateway. In its testing, it deflected most spyware attacks. The system contains a scheme (minimalist, multi-paradigm programming language) that proactively detects and blocks spyware. It also updates daily. Gateways are nodes on a network that create entrances to other networks. It routes traffic from workstations to broader networks. Therefore, securing the gateways will prevent malware from ever reaching the client. OmniQuad’s Antispy Enterprise also won high marks from ‘networkworld.com’ testers.
Next Page: Server and Network Security
