Nonetheless, let’s briefly go through the exercise of justifying security anyway, just to introduce some common ways of thinking about it.
The fundamental purpose of security is to "keep the bad people out of your systems." More precisely, security is the process of applying various techniques to prevent unauthorized parties, known as intruders, from gaining unauthorized access.
Where an issue is unique to a specific version, it will be identified as such.
Because of the product changes that have been made to major versions of Web Sphere Application Server over time, be sure to refer to the archived article if you are using Web Sphere Application Server V6 or earlier, and refer to the previous article if you are using Web Sphere Application Server V6.1.
The point is that there are many different types of intruders, many different motivations for intruding, and, as you will see later, many different types of attacks.
You must be aware of this as you plan your security.
Wherever possible, references to appropriate resources are provided so that you can further explore related subtopics.
Security should not be seen as simply a gate that keeps the "outsiders" out. Many organizations today focus their security efforts entirely on people outside of the organization in the mistaken belief that only outsiders are a danger. For a large corporation, there are literally thousands of people -- many of whom are not employees -- that have access to the internal network.