Security

Network security is any activity designed to protect the usability and integrity of your network and data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading on your network.

Frolgate Technology and its partners in the vendor world offer network security solutions for the different threats facing computer systems.

Almost all organizations and sectors are currently faced with the problem of insider threats to vital computer assets.

The issue is compounded by emerging cloud-based technology systems, whose demand for secure connectivity is very high.

Threats to security can cause more than just financial losses. Frolgate Technology addresses the three primary goals of network security, which are confidentiality, integrity, and availability. We do so by setting the security goals for different industries.

Working with our clients and vendors, we have seen a radical evolution in the nature and requirements of network security. There are many factors contributing to these changes, the most important of which is the shift in focus from so-called ‘network-level’ threats, such as connection-oriented intrusions and Denial of Service (DoS) attacks, to dynamic. Frolgate will help you come up with or improve your security compliance to reduce the business risks associated with security breaches.

Increasing Complexity in Networks

Frolgate Pre-sales research engineers have noted that where a network 10 years ago might have consisted of a LAN connected to the Internet through a WAN connection, and maybe a few remote-access or site-to-site VPN tunnels, the reality today is much more complex.

A common environment today will have multiple access mechanisms into the network, including 802.11 wireless LAN (with myriad client devices including portable computers, PDAs and smartphones), web portals for partners and customers, email servers, end-users using new communication platforms (such as Instant Messaging) and peer-to-peer applications for file sharing.

The workforce is becoming more mobile. From telecommuters who work from a home office to mobile workers who are never in a particular location for more than a day, this growing “distributed” model adds a significant amount of risk to the network.  To help mitigate these risks, the IT manager must ensure that all remote locations and remote clients are protected with the same level of security as is present in the corporate network.

Increasing sophistication of applications & attacks

Applications are growing in complexity. Where Windows NT launched with 5 million lines of code in 1994, Windows Vista has over 50 million… more than 1,000% growth! With this increased complexity comes increased vulnerability, particularly in server systems, which must be patched on a regular basis.

While applications are becoming more sophisticated, so are the attacks. A “serious” attack in the early 2000s might have consisted of a simple indiscriminate DoS attack aimed at restricting or temporarily disrupting network access. Today’s serious attacks target applications themselves, and in many cases have goals of significant criminal intent.

Intrusion Attacks, Worms and Trojans

Intrusion attacks are the grand-daddy of them all, and their universe is wide and deep. Intrusion attacks are modern threats that target applications and application-layer protocols (e.g. using the SMTP protocol to exploit a buffer overflow on an Outlook Exchange server), rather than the networks they are transported on (e.g. DoS attacks that utilize ICMP echo and TCP SYN floods). Examples of common Intrusion attacks are Worms, Trojans, cross-site scripting, SQL injection and tampering, Outlook Exchange server attacks, Apache/IIS buffer overflow attacks, file-path manipulation etc.

The security appliance is now a dynamic threat prevention system that requires constant, real-time updates to its attack signature libraries, URL lists, virus definition files, etc. to ensure the network.

Viruses

Viruses (and Worms) are a class of attack whereby an infected attachment or download causes damage to a host system or network.

The damage can range from minor (client DoS attack) to catastrophic (full-blown corruption of critical stored information or system registries). A critical trend that is resulting from the increased

There is also a new class of virus-related attack called a ‘blended threat’.  A blended threat is a ‘perfect attack’ whereby a virus is accompanied by a number of other attack and intrusion techniques to maximize penetration and damage.

To protect against these types of attack, it is mandatory to have IPS and Gateway Antivirus (GAV) installed and activated in the network, whether it is provided by a Deep Packet Inspection is protected against threats that are present this hour… as well as those of last week, last month and last year.

Spyware

Spyware (and Adware) is one of the most misunderstood of the new generation of application-layer threats because there is no consensus on what defines a threat (or more appropriately, what the difference is between ‘annoying’ Adware and a true threat).

There are three general classes of Spyware:

Harmless-But-Annoying

Generally consists of actions such as changing the default home page of your browser, or unsolicited/untargeted pop-up ads.

Malicious

Collecting private information with the intent of sending the information to a collection server. The information is collected and sold to 3rd parties who have varying interests. Even today, this type of Spyware can be downloaded instantly on a client device simply by visiting a URL. No further clicking is necessary. This type of Spyware is illegal, and it is critical for an organization to detect and stop it.

Information-Collecting

Cookies are the most common type of information collecting mechanism, but simple keystroke and activity loggers are becoming more common. 

This class of Spyware is generally interested in collecting basic information about you, the sites you visit, and other preferences so that a 3rd party can send you targeted ads or promotions. 

There is generally no malicious intent, but many would call this an invasion of privacy.

To further add to the complexity, there are three major Spyware delivery mechanisms:

Embedded Installs

The most ‘honest’ of the three mechanisms, embedded installs are typically Spyware/Adware elements that are embedded into programs or services that are downloaded from the web.

Drive-by Installs

In this method, a banner ad or popup attempts to install software on a PC, usually through the ActiveX controls distributed within Windows and by default enabled in Internet Explorer. 

Depending on the security settings on the PC browser, the Spyware either downloads silently or is downloaded when the user clicks ‘Yes’ in the installer dialogue box.

In many cases, drive-bys also take advantage of browser exploits that can force an unsuspecting PC browser to automatically download and execute code that installs the Spyware.

Browser Exploit

As described above, targets vulnerabilities in the web browser code to install Spyware.  A classic example is the Internet Explorer iFrame vulnerability.  Because IE is such a targeted browser, many IT departments are migrating to alternate browsers such as Mozilla’s Firefox.  This is only putting off the Spyware is difficult to stop because it requires so many technologies to detect and prevent the exploit.  A robust Spyware prevention architecture will consist of both client/server and gateway-based elements.

Client- and server-based Anti-Spyware software will detect and try to prevent users from accessing known bad sites, and to a limited extent provide more advanced functionality to detect suspicious behaviour from actual downloads and ActiveX controls. The software will also inspect individual system memory, system registries, start-up files and other stored items to detect and remove Spyware. While necessary, client- and server-based Anti-Spyware software is not enough.

Spam

Spam has grown into a major problem for all companies and organizations.  Spam is especially problematic for public email addresses (listed on a website, for instance), or for common email addresses (support@your_company.com). 

Spam is also the primary delivery mechanism for Phishing attacks, so its importance has grown over the years.

Governmental Regulations Compliance

Another important trend affecting network security is the growing number of governmental regulations in the US and abroad.

Where the government has been lenient on conformance up to this point, it is starting to become much stricter about enforcement and penalizing violators.

Security as a tool to increase workforce productivity

One of the most profound impacts of security is how it is utilized across all types of organizations to increase operational efficiencies through enhanced workforce productivity.  There are two main technologies that are helping achieve this:

Web Security and Policy Enforcement

It is no longer a secret that a good amount of an average employee’s day can be spent online doing non-work-related activities. Web surfing, online shopping, online gambling, stock trading, and even online dating are a few of the more common uses of company Internet resources.

In addition to workforce productivity and liability protection, URL Filtering technology is also the first line of defense in preventing users from accessing Spyware sites. As noted in the previous section, however, Spyware is a much more complicated problem than URL filtering alone can handle.

How Frolgate addresses security concerns for customers

Frolgate responds with some of the following solutions and more:

  • Next Generation Firewalls
  • Web Security
  • Advanced Malware Protection
  • Network visibility and segmentation
  • E-mail security
  • Unified Threat Management, and many more
  • Provide access to any application, without compromising on security. All while gaining awareness of what is hitting your network.

What you can do with Software-Defined Access:

Enhance security and compliance – Use end-to-end segmentation to keep user, device, and application traffic separate without redesigning the network.

Boost operational effectiveness – Deliver a consistent user experience anywhere, without compromise, using a single network fabric.

Improve the workforce experience – Automate user access policy and apply the right policies for users or devices to any application, across the network.

Expand business insights – Bring outdoor, rugged, and industrial IoT endpoints into the IT fold.