Networks are Changing; Security Needs to Keep Up

DQ Channels - Channel Pulse - RAJESH MAURYA (Regional Director, India & SAARC, Fortinet)

Networks are currently undergoing dramatic change. Organizations are simultaneously wrestling with issues such as BYOD, IoT, virtualization, SDN, cloud, the proliferation of applications, Big Data, and the expectations of the next generation of employees to blend their work and their personal lives on a single device of their choosing, with instant access to any data, at any time, from any location.

This has exponentially increased the attack surface that organizations need to be concerned with. For example:

IoT and cloud solutions mean organizations need to worry about an attack surface that often is not visible to IT.

Many IoT devices are headless, run simple communications protocols, and are unable to run a client or even be patched. They rely exclusively on the access network for security.

Critical and proprietary business data is being moved into the cloud and managed by third parties. Known as Shadow IT, this trend is expanding, with many organizations simply unaware of where data is currently located or what security measures are in place to protect it.

The transformation to a digital business model has extended the network beyond the perimeter, which means that today’s networks and their related security are becoming borderless.

BYOD devices are highly mobile, blend personal and work profiles, and represent real risk as critical data is accessed from public locations, or when devices are lost or stolen.

The problem is compounded by the proliferation of point security products embedded across the distributed network. The tendency as our networks become more complicated is to add new security devices to an already overburdened wiring closet. But the truth is that complexity is the enemy of security. Siloed security solutions with separate management interfaces and no meaningful way to gather or share threat information with other devices on your network are only marginally useful. The truth is, many new solutions never actually get fully deployed because there simply isn’t enough manpower to assign to installing, managing, optimizing, and updating another complicated device.

Instead, the response to increasingly complicated networked environments needs to be simplicity. Securing these evolving environments requires three things:

Collaborative intelligence: Local and global threat intelligence needs to be shared between security devices, and a coordinated response between devices needs to be orchestrated centrally.

Segmentation: Networks need to be intelligently segmented into functional security zones. End-to-end segmentation, from IoT to the cloud, and across physical and virtual environments, provides deep visibility into traffic that moves laterally across the distributed network, limits the spread of malware, and allows for the identification and quarantining of infected devices.

Universal policy: A centralized security policy engine that determines trust levels between network segments, collects real-time threat information, establishes a unified security policy, and distributes appropriate orchestrated policy enforcement.

This is why Fortinet has introduced its new security fabric architecture. It is designed to integrate security technologies for the endpoint, access layer, network, applications, data center, content, and cloud into a single collaborative security solution that can be orchestrated through a single management interface.

The Fortinet Security Fabric’s architectural approach is based on five key principles:

Scalability: The Fortinet Security Fabric protects the Enterprise from IoT to the Cloud.

A comprehensive security strategy needs both depth (performance and deep inspection) and breadth (end to end). Security not only needs to scale to meet volume and performance demands, it needs to scale laterally, seamlessly tracking and securing data from IoT and endpoints, across the distributed network and data center, and into the cloud.

The Fortinet Security Fabric provides seamless, ubiquitous protection across the distributed Enterprise, from IoT to the Cloud, as well as inspection of packet data, application protocols, and deep analysis of unstructured content – all at wire speeds.

Awareness: The Fabric behaves as a single entity from a Policy and Logging perspective, enabling end-to-end Segmentation in order to reduce the risk from advanced threats.

You not only need to see data that flows into and out of your network, but how that data traverses the network once it’s inside the perimeter.

The Fortinet Security Fabric enables end-to-end network segmentation for deep visibility and inspection of traffic travelling across the network, and control of who and what gets to go where, thereby reducing the risk from advanced threats. This includes high-performance decryption and inspection of encrypted SSL traffic, where many new threats like to hide because most security technologies don’t have enough resources to inspect this data.

Security: Global and Local threat intelligence and mitigation information can be shared across individual products to decrease Time to Protect.

Not only does security need to include powerful security tools for the various places and functions of your network, but true visibility and control requires that these discrete elements work together as an integrated security system.

The Fortinet Security Fabric behaves as a single collaborative entity from a Policy and Logging perspective, allowing individual device elements to share Global and Local threat intelligence and threat mitigation information.

Actionable: Big Data cloud systems correlate threat information and network data to deliver Actionable Threat Intelligence in real time.

It’s not enough to detect bad traffic or block malware using discrete security devices. You need a common set of threat intelligence and centralized orchestration that allows your security to dynamically adapt as a threat is discovered anywhere, not just in your network, but anywhere in the world.

Fortinet’s Big Data cloud systems centralize and correlate global threat intelligence with local network data to deliver consistent, actionable threat intelligence to every security device in the Fortinet Security Fabric in real time. This ensures that your security devices have a unified view across the distributed attack surface, can share threat intelligence, and respond to threats in a coordinated fashion.

Open: Well-defined, open APIs allow leading technology partners to become part of the fabric.

Most organizations have deployed security devices from a dozen or more vendors inside their networks. This represents a significant investment in money and resources. Of course, a truly integrated security fabric will let you maximize these existing investments in security technologies.

This is why Fortinet has developed a series of well-defined, open APIs that allow technology partners to become part of the Fortinet Security Fabric at a number of critical interaction points, including at the hypervisor, the SDN orchestration controller, in the cloud, in the sandbox to detect day-zero threats, and through logging and policy management.

The Fortinet Security Fabric is designed to provide the scalability, awareness, security, actionable intelligence, and open API strategy your organization needs to secure your evolving digital business. It enables the security, flexibility, performance, collaboration, adaptability, and manageability you demand across your physical, virtual, and cloud environments, from IoT to the cloud.

More on the web: Read the complete story at www.dqchannels.com
