Application security enables security for the applications in your environment. This type of security provides application isolation and requirements for authenticating application users.
In previous releases of WebSphere® ESB, when a user enabled global security, both administrative and application security was enabled. The notion of global security is now split into administrative security and application security, each of which you can enable separately.
The administrative security of WebSphere ESB is enabled by default. Application security is also enabled by default. Application security is in effect only when administrative security is enabled.