BEA tools up for apps security

BEA has released the first fruits of its acquisition of CrossLogix in February with the launch of WebLogic Enterprise Security for managing application security policy.

The product revolves around CrossLogix' centralized authentication policy manager and takes BEA into the increasingly hot market of application level protection – as opposed to the network level where most conventional security houses focus. The tool fits into the vision of BEA's CEO Alfred Chuang of a single platform from which all decisions are made, something BEA labels 'business process oriented programming'.

As well as authentication, the new offering will provide authorization and audit integration with single sign-on, through partnerships with Symantec and Verisign. "It's not a client/server architecture, but distributed in the sense that we take policy and configuration information centrally and distribute them to the services that run in the enterprise," BEA said. "The services never go back to the central server, they keep running, so when there are any changes to policy it's distributed to them.

"A lot of programs go back to the central server and ask for information, and that doesn't scale and that doesn't give you the performance you need."

©Copyright Rethink Research Associates 2003

Related Research
Get the News IS Weekly Newsletter, click here
CIO Survey: ERP Trends 2003
[Includes attitudes of CIOs to proposed Oracle/PeopleSoft takeover]