Applying Application Intelligence to Cloud Computing Scenarios

By David Buckwald  |  Posted 2010-09-27 Print this article Print

Applying application intelligence to cloud computing scenarios

To resolve these common problems in cloud computing, IT requires a new approach to security: application intelligence. Utilizing application intelligence goes beyond the port and address-blocking of traditional firewalls to intelligently detect, categorize and control application traffic. With application detection, categorization and control, IT can block, restrict or prioritize any specific application-whether it is SAP, YouTube or LimeWire. IT can then effectively apply application intelligence solutions to each of the five aforementioned problems. Let's take a look:

1. Solving the P2P traffic problem

Because it can detect and categorize traffic by specific application signatures rather than by port or address, an application intelligence gateway is especially useful in controlling variable-port P2P applications. For example, a university IT department could have the flexibility and granular control to restrict student access to LimeWire to only 10 percent of available bandwidth, thereby protecting throughput while discouraging unproductive behavior.

2. Solving the streaming media problem

An application intelligence gateway can provide IT with granular control over streaming media and social networking applications. For instance, an administrator might permit members of a predefined Active Directory group for marketing staff to have access to YouTube sites for promotional activities, while restricting access to all others.

3. Solving the confidential data transmittal problem

IT could create and enforce application intelligence policy to detect and block e-mail attachments carrying a watermark indicating sensitive or proprietary information.

4. Solving the third-party e-mail problem

Filling a security gap left by most firewalls and e-mail security solutions, IT could use application intelligence to identify, scan and control any third-party Web mail traffic traversing the gateway (such as Hotmail and Gmail).

5. Solving the large file transfers problem

To restrict excessive-size file transfers, IT could configure application intelligence policy to identify and restrict FTP and P2P file transfers based upon predetermined size limitations.

David Buckwald is Director of Systems Engineering at SonicWALL. Prior to SonicWALL, David spent seven years at Aventail as the director of systems engineering for the United States. David has over 20 years of experience in networking, security, and systems management technologies. Prior to Aventail, David was a principal systems engineer at Tivoli Systems and a Certified Networking Specialist at IBM. David holds a Bachelor's degree in Computer Science from SUNY Potsdam and a Master's degree in Information Management from Polytechnic University. He can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel