IBM Cognos Application Firewall
IBM® Cognos® Application Firewall (CAF)
is a security tool used to supplement the existing IBM Cognos software
security infrastructure at the application level. The IBM Cognos Application
Firewall analyzes, modifies, and validates HTTP and XML requests before
the gateways or dispatchers process them, and before they are sent
to the requesting client or service. It acts as a smart proxy for
the IBM Cognos product gateways and dispatchers, and
prevents the IBM Cognos components from malicious data. The
most common forms of malicious data are buffer overflows and cross-site
scripting (XSS) attacks, either through script injection in valid
pages or redirection to other Web sites.
The IBM Cognos Application Firewall provides IBM Cognos components with security features that include data validation and protection , logging and monitoring, and output protection. For more information, see Data Validation and Protection and Logging and Monitoring.
The IBM Cognos Application Firewall is enabled by default, and should not be disabled.
You can update the IBM Cognos Application Firewall independently of the other IBM Cognos components.
For more information about the IBM Cognos Application Firewall, see the Installation and Configuration Guide, and the Architecture and Deployment Guide.