Network security is any activity designed to protect the usability and integrity of your network and data. It includes both hardware and software technologies. Effective network security manages access to the network. It targets a variety of threats and stops them from entering or spreading on your network.
Almost all organizations and sectors are currently faced with the problem of insider threats to vital computer assets.
The issue is compounded by the emerging
Threats to security can cause more than just financial losses.
Working with our clients and vendors, we have seen a radical evolution in the nature and requirements of network security. There are many factors contributing to these changes, the most important of which is the shift in focus from so-called ‘network-level’ threats, such as connection-oriented intrusions and Denial of Service (DOS) attacks, to dynamic.
Increasing Complexity in Networks
A common environment today will have multiple access mechanisms into the network, including 802.11 wireless LAN (with myriad Client devices including portable computers, PDAs and Smart Phones), web portals for partners and customers, email servers, end-users using new communication platforms (such as Instant Messaging) and peer-to-peer applications for file sharing.
The workforce is becoming more mobile. From telecommuters who work from a home office to mobile workers who are never in a particular location for more than a day, this growing “distributed” model adds a significant amount of risk to the network. To help mitigate these risks, the IT manager must ensure that all remote locations and remote clients are protected with the same level of security as is present in the corporate network.
Increasing sophistication of applications & attacks
Applications are growing in complexity. Where Windows NT launched with 5 million lines of code in 1994, Windows Vista has over 50 million… more than 1,000% growth! With this increased complexity comes increased vulnerability, particularly in server systems, which must be patched on a regular basis.
While applications are becoming more sophisticated, so are the attacks. A “serious” attack in the early 2000s might have consisted of a simple indiscriminate DOS attack aimed at restricting or temporarily disrupting network access. Today’s serious attacks target applications themselves, and in many cases have goals of significant criminal intent.
Intrusion Attacks, Worms and Trojans
The grand-daddy of them all, the universe of Intrusion attacks is wide and deep. Intrusion attacks are modern threats that target applications and application layer protocols (e.g. using the SMTP protocol to exploit a buffer overflow on an Outlook Exchange server), rather than the networks they are transported on (e.g. DOS attacks that utilize ICMP echo and TCP SYN floods). Examples of common Intrusion attacks are Worms, Trojans, cross-site scripting, SQL injection and tampering, Outlook Exchange server attacks, Apache/IIS buffer overflow attacks, file-path manipulation, etc.
The security appliance is now a dynamic threat prevention system that requires constant, real-time updates to its attack signature libraries, URL lists, virus definition files, etc. to ensure the network.
Viruses (and Worms) are a class of attack whereby an infected attachment or download causes damage to a host system or network.
The damage can range from minor (client DOS attack) to catastrophic (full-blown corruption of critical stored information or system registries). A critical trend that is resulting from the increased
There is also a new class of virus-related attack called a ‘blended threat’. A blended threat is a ‘perfect attack’ whereby a virus is accompanied by a number of other attack and intrusion techniques to maximize penetration and damage.
To protect against these types of attack, it is mandatory to have IPS and Gateway Antivirus (GAV) installed and activated in the network, whether it is provided by a Deep Packet Inspection is protected against threats that are present this hour… as well as those of last week, last month and last year.
There are three general classes of Spyware:
Spyware (and Adware) is one of the most misunderstood of the new generation of application-layer threats because there is no consensus on what defines a threat (or more appropriately, what the difference is between ‘annoying’ Adware and a true threat).
Generally consists of actions such as changing the default home page of your browser, or unsolicited/untargeted pop-up ads.
Collecting private information with the intent of sending the information to a collection server. The information is collected and sold to 3rd parties who have varying interests. Even today, this type of Spyware can be downloaded instantly on a Client device simply by visiting a URL. No further clicking is necessary. This type of Spyware is illegal, and it is critical for an organization to detect and stop it.
Cookies are the most common type of information collecting mechanism, but simple keystroke and activity loggers are becoming more common.
This class of Spyware is generally interested in collecting basic information about you, the sites you visit, and other preferences so that a 3rd party can send you targeted ads or promotions.
There is generally no malicious intent, but many would call this an invasion of privacy.
To further add to the complexity, there are three major Spyware delivery mechanisms:
The most ‘honest’ of the three mechanisms, embedded installs are typically Spyware/Adware elements that are embedded into programs or services that are downloaded from the web.
In this method, a banner ad or popup attempts to install software on a PC, usually through the ActiveX controls distributed within Windows and by default enabled in Internet Explorer.
Depending on the security settings on the PC browser, the Spyware either downloads silently or is downloaded when the user clicks ‘Yes’ in the installer dialogue box.
In many cases, drive-bys also take advantage of browser exploits that can force an unsuspecting PC browser to automatically download and execute code that installs the Spyware.
As described above, targets vulnerabilities in the web browser code to install Spyware. A classic example is the Internet Explorer iFrame vulnerability. Because IE is such a targeted browser, many IT departments are migrating to alternate browsers such as Mozilla’s Firefox. This is only putting off the Spyware is difficult to stop because it requires so many technologies to detect and prevent the exploit. A robust Spyware prevention architecture will consist of both client/server and gateway-based elements.
Client and server based Anti-Spyware software will detect and try to prevent users from accessing known bad sites, and to a limited extent provide more advanced functionality to detect suspicious
Spam has grown into a major problem for all companies and organizations. Spam is especially problematic for public email addresses (listed on a website, for instance), or for common email addresses (support@your_company.com).
Spam is also the primary delivery mechanism for Phishing attacks, so its importance has grown over the years.
Governmental Regulations Compliance
Another important trend affecting network security is the growing number of governmental regulations in the US and abroad.
Where the government has been lenient on conformance up to this point, they are starting to become much stricter on enforcing and penalizing violators.
Security as a tool to increase workforce productivity
One of the most profound impacts of security is how it is utilized across all types of organizations to increase operational efficiencies through enhanced workforce productivity. There are two main technologies that are helping achieve this:
Web Security and Policy Enforcement
It is no longer a secret that a good amount of an average employee’s day can be spent online doing non-work-related activities. Web surfing, online shopping, online gambling, stock trading, and even online dating are a few of the more common uses of company Internet resources.
In addition to workforce productivity and liability protection, URL Filtering technology is also the first line of defense in preventing users from accessing Spyware sites. As noted in the previous section, however, Spyware is a much more complicated problem than URL filtering alone can handle.
How Frolgate addresses security concerns for customers
- Next Generation Firewalls
- Web Security
- Advanced Malware Protection
- Network visibility and segmentation
- E-mail security
- Unified Threat Management, and many more
- Provide access to any application, without compromising on security. All while gaining awareness of what is hitting your network.
What you can do with Software-Defined Access:
Enhance security and compliance – Use end-to-end segmentation to keep user, device, and application traffic separate without redesigning the network.
Boost operational effectiveness – Deliver a consistent user experience anywhere, without compromise, using a single network fabric.
Improve the workforce experience – Automate user access policy and apply the right policies for users or devices to any application, across the network.
Expand business insights – Bring outdoor, rugged, and industrial IoT endpoints into the IT fold.