Data Source Security
At no time does anyone from the outside world have access to a BWCU data base via the Internet. Any request for data must pass through two distinct validation and control centers, the Application Firewall and the Net-24 Server. Each request and answer is logged at each stop through the firewall. Any suspicious activity is logged and causes an alarm.

Firewall Segmentation
Any incoming request from the Internet is first captured by the Application Firewall and validated. The Application Firewall stops all incoming traffic. The Application Firewall then makes a request to the Net-24 Server mimicking the request made by the customer on the internet as long as that request is a valid secure HTML (port 443) request. The Net-24 Server will only take requests from the Firewall.

The Net-24 Server then makes a request to the Firewall speaking its own language on a secret port for a secret address. The Firewall again validates this request and talks to the credit union data base on its secret port for its secret address. Provided the request has followed the above listed steps, the credit union data base then receives the request for data. All ports and IP addresses used behind the Firewall are private and can not be routed via the Internet. Therefore, no communication is ever possible between the Internet and the credit union's private data base.

Real Time Security and Auditing
Through the use of blanketed network monitoring, the Application Firewall stands guard over the entire network, notifying the system administrator of any attempts of unauthorized access or hacking. Every transaction is audited and contains all network information. This allows the Application Firewall to act as an effective phone tap and tracing tool.

| Prev Page |