Net Security

06:00 AM
Jason Dover, Director of Product Line Management, KEMP Technologies
Commentary

Security Measures For Today's Networks

In an increasingly sophisticated threat environment, organizations need to ramp up their network security beyond firewalls and virus scanners.

With the widespread growth of complex networks, security has never been more important or widely discussed. Nearly every day, headlines about the most recent data breach populate the news cycle, and consumers are as wary as ever. Having an overall view of what it takes to build and maintain secure infrastructure is essential in order to keep today’s businesses up and running safely. Fortunately, there are many options available that make it possible to implement comprehensive security controls for any size company.

Fueled by an explosion in connected data and compute resources, attackers are becoming more sophisticated, with a clear mission to obtain sensitive data. The modern persistent threat is not against a single piece of technology, but instead threatens any component that is part of a modern business application, encompassing the application software, compute, storage and networking stacks.

Traditional techniques, such as firewalls and virus scanners, are no longer sufficient as we see risks being amplified by an ever-expanding attack surface. As such, when it comes to protecting the network, one could argue that a “defense in breadth” strategy is required to complement the traditional defense-in-depth approach.

Any application exposed to the Internet needs to be protected from unauthorized users, sensitive data leakage, and an increasing variety of attack vectors. These factors are well-known and have led to the formation of a number of organizations that are concerned with the security of software, such as the Open Web Application Security Project. The OWASP Top 10 identifies perhaps the most significant set of threats known to plague network-based services.

A typical approach to mitigate such threats is to deploy a web application firewall to protect applications. One advantage of this is that if a vulnerability is found in an application and a software patch is not immediately available, a new WAF rule can be added in real time to ensure the application is protected. In fact, services exist to provide regular updates to a WAF to ensure continuous protection for applications. This can simplify the overhead of having to maintain effective security, especially for smaller companies.

It’s not only applications that are at risk; users are at risk too, and in turn the network itself is at risk from users. To protect the end users of network services, basic education on how to protect personal information and avoid common pitfalls such as phishing and malware can help, but the sophistication of assaults on users is increasing all the time. Simple passwords are no longer adequate, and need to be replaced with more secure multifactor authentication.

Even so, malware detection is then required both within the network and on the huge variety of end user devices. Given the number of different operating system versions and rapid release cycles in the phone and tablet industries, the topic of “BYOD” now requires significant attention, especially when compliance with legislation such as that found in healthcare and finance is required.

Network infrastructure itself can also fall victim to malicious -- and even accidental -- actions of network administrators. Simple misconfiguration can result in exposure of data, performance impact or even a complete outage. On a more sinister level, seemingly innocent devices seeded with malware can allow almost undetectable access and subsequent exfiltration of data. This is where advanced analytic techniques can be used to identify anomalous behavior and provide a warning that the network has been compromised.

Whereas historically the data center and its associated networks were fairly static and slow to change, the modern paradigms of the software-defined data center and the cloud have introduced yet more challenges to maintaining security, but hopefully will offer more solutions as the market matures. More devices and more data means more risk, and the physical security of the network is more important than ever before. 

Comments
Ashu001,
User Rank: Ninja
12/20/2015 | 7:16:39 AM
How much do you feel Software Defined Datacentres will change things on the Security Front?
Jason,

Reading your blog and especially this part-

Whereas historically the data center and its associated networks were fairly static and slow to change, the modern paradigms of the software-defined data center and the cloud have introduced yet more challenges to maintaining security, but hopefully will offer more solutions as the market matures. More devices and more data means more risk, and the physical security of the network is more important than ever before.

I was left wondering about this key issue primarily from a security point of view.

Will the impact be very-very big?

Are most Enterprises prepared for the challenges arising here?

What about Infrastructure funding?

Are we doing enough as an Industry/Enterprise to keep up with the Issues concerned here?

Regards

Ashish.

 
Ashu001,
User Rank: Ninja
12/19/2015 | 12:19:45 PM
It's astounding observing by how much the Attack surface has increased.
When I was reading through this Blog, the very thought that kept on crossing my mind repeatedly is the vast extent (and reach) of Attack Surfaces for an attacker/malicious actor today.

All one needs to do is find one small bug/loophole in part of either the Customer-facing or supplier-related infrastructure and 9 times out of 10, the malicious actor is inside the Core Enterprise IT.

Given the exceptional reach of BYOD as well as IoT today this is much easier achieved than one cares to notice today.

Security has to scale up from not just "Defense in Depth" to Total Granular Defense from the Smallest possible Unit of IT infrastructure out there.

Is the Intel system of EPID a step in the right direction?

Quite possibly especially given the kind of reach Intel's Processors have.

Will that be the only way to solve this grave issue?

Most definitely not.

We will see many more ways to tackle this vital issue going ahead. That much is certain.

 

 