Successful security

One-third of all IT organisations remain locked in a reactive cycle, proceeding from one security drill to the next, unable to change course, says research firm Meta Group. The remainder are not much better off, purchasing and deploying one security tool after the next, increasing the architectural and management complexity of their networks, yet still being impacted by security breaches regularly.

By  Angela Sutherland Published  February 19, 2006

The bottom line is that enterprises are still struggling to achieve security effectiveness, while associated complexities and costs continue to mount. However, as spyware and adware infections become widespread on enterprise networks, corporate IT departments are beginning to reinforce their network perimeters with a comprehensive security strategy. The strategy, known as unified threat management, puts multiple layers of hardware and software protection into one package. With this strategy, CIOs have the ability to apply an exhaustive, bundled approach that layers security by combining software and hardware.

One organisation in the Middle East that has adopted this approach and successfully managed a comprehensive security deployment is Mashreqbank. The bank has deployed SonicWall technologies to cover its ATM security requirements in the UAE. It has purchased 100 units of the vendor’s firewall total security platform after benchmarking the solution against competitor products. Bulwark Technologies deployed the security solution with close support from Mindscape Information Technology, which manages Mashreqbank’s internal technology infrastructure, and technical assistance from Haris Al Afaq, a SonicWall distributor. After rigorous testing and benchmarking procedures, the bank decided to adopt SonicWall Firewall Appliances with Global Management System (GMS) technologies due to their centralised management features, ease of deployment, user-friendly interface and high availability.
“We needed a solution that met all our requirements and SonicWall was able to do that,” says Hariharan Iyer, head of information security for Mindscape. Mashreqbank says it needed to strengthen its ATM network in order to have a security mechanism in place that provided a secure transaction environment for its customers. “There is no 100% security; however, there is a core banking security architecture that we have followed with this deployment. We have to comply with a certain security standard and that is what we have done. Mashreqbank has security parameters, and we adhere to those parameters,” says Iyer. Security threats are changing every day and Mashreqbank’s aim is to provide an ATM network that has the ability to provide security assurance.

The bank has deployed a solution that provides a total security platform delivering layered protection through an integrated deep packet inspection firewall. Its compact form includes a single auto-MDIX Ethernet wide area network (WAN) port and four-port auto-MDIX local area network (LAN) switches, allowing multiple devices to connect safely to the network. These solutions also support hardware-accelerated IPSec 3DES and AES encryption, as well as SonicWall Global VPN Client upgrades for secure remote access to critical network resources. “Building on SonicWall’s deep packet inspection architecture, the firewall provides layered security by integrating gateway anti-virus, anti-spyware and intrusion prevention capabilities for real-time protection against viruses, spyware, worms, Trojans and other malicious threats,” says Shahnawaz Sheikh, SonicWall regional sales manager Middle East and Africa (MEA).

The five-month implementation went smoothly without any major glitch; however, Mashreqbank’s Iyer says the most challenging aspect of the deployment was ensuring that every single ATM provided a secure environment to the bank’s customers. “It was a comprehensive deployment as lots of branches and ATMs were involved. Multiple devices and locations were involved so we had to adhere to a rather comprehensive logistics plan. There was a lot of work involved. For instance, each location went into a separate assessment mode and that took a long time. The deployment did not have any major problem; however, the major challenge was ensuring that every ATM was secure,” he explains. “Each ATM is a separate entity and has its own risks and we had to take that into consideration and make sure every single ATM was managed well. We had to ensure that all the hardware and software on the ATM network was security compliant,” says Iyer. “The goal of the bank is to make sure that all its ATMs are available to customers 24/7. Financial institutions cannot afford to have downtime.”

Jose Thomas, director of operations at Bulwark Technologies, shares Iyer’s sentiments. He says it is critical to deploy security solutions that work effectively. “We evaluated various firewalls before we signed up with SonicWall as a Medallion Partner in UAE two years ago. With SonicWall’s Global Management System (GMS), multiple firewall units could be put in service in a short time span, including group policies, central management, useful reporting and flexibility to allow for future product security upgrades.”

Microsoft’s security chief, Scott Charney, warns that with the arrival of internet protocol (IP) networks, telephones could soon be just as vulnerable as PCs. The next-generation IP-based telephone network will see the telephone become more than just a dumb terminal, moving more power to the edge of the network. “While such a move will help drive business innovation as people create new applications, it also carries new threats to enterprise networks,” says Charney.

Networking giant Cisco Systems says it is not just antivirus anymore. It is blended threats, be it worms, viruses, spyware, malware or Trojans, and the industry needs to address this growing complexity of attacks.
In late 2005, the vendor launched the second phase of its Network Admission Control (NAC) solutions. NAC is Cisco’s two-year-old project that aims to develop “self-defending networks”, enforcing security compliance on user devices before they can gain access to the local area network (LAN). Under NAC, companies can allow network access only to compliant and trusted endpoint devices. The second phase, NAC II, adds support for Cisco’s Catalyst switches and wireless devices.

“The time has come for organisations to take a close look at their security requirements and find ways of managing threats. The minute you solve one security issue, there is always the next one,” says Jayshree Ullal, senior VP of Cisco Systems. “The response to security threats has improved; however, it is not enough. Viruses such as Nimda that hit networks in 2001 took 336 days to fix, while one of the latest intrusions, the Zotob worm, took just five days. Even [that time] is too long,” says Ullal.

The vendor also has the Unified Wireless Network solution, which it claims addresses the WLAN security, deployment, management and control issues facing enterprises. It is an integrated end-to-end solution that addresses all layers of the WLAN, from client devices and access points, to the network infrastructure, to network management, to the delivery of advanced wireless services integration.

Furthermore, Cisco has released its Security Management Suite, a new integrated set of security management applications, which it says provides an improved operational framework for system-wide security policy enforcement and administration. The new solution, which includes Cisco Security Manager (CSM) as well as a new version of the Cisco Security Monitoring, Analysis and Response System (Cisco Security MARS), version 4.2, provides customers with an integrated monitoring, configuration and management solution for identifying and enforcing policies associated with data monitoring. The collaborative nature of the applications also helps to identify threats centrally and protects the infrastructure on a global scale.

“We are finding several evolutionary factors driving the next generation of security management including the need for improved operational efficiencies between network and security operations groups within organisations, the ability for organisations to manage security events from multiple vendor solutions, and transition away from device by device to end-to-end security service management,” says George Hamilton, senior analyst at Yankee Group. “The Security Management Suite represents a solid step in the right direction. The integration of these applications into a single suite delivers greater business and operational agility to react to and manage self-defending networks,” he explains.

Furthermore, end users also have access to the vendor’s new services for its “Anti-X” network threat prevention and Secure Sockets Layer Virtual Private Network (SSL VPN) solutions, underscoring its commitment to the Cisco Self-Defending Network security strategy. Cisco says the move will help customers better identify, prevent and adapt to security threats, and tailor connectivity to serve a wide variety of deployment scenarios.

Unified threat management (UTM) is the latest catch phrase when it comes to security. Research firm IDC, in its Worldwide Threat Management Security Appliances 2005-2009 Forecast, reveals UTM appliance sales growing 47.9% over the next five years, and taking a 47% share of the threat management appliance market. In 2004, UTM appliance sales were worth US$333.6 million, which represents 13% of revenue from the security appliances market.
Fortinet, which bills itself as a market leader in the UTM space and claims to be the only provider of ASIC-accelerated, network-based multi-threat security systems for real-time network protection, says different vendors are adopting different approaches when it comes to UTM appliances themselves, with the capabilities varying from one to the other. They also try to differentiate themselves from each other when it comes to the software that is loaded on to the appliance. “UTM is about integrating all the necessary counter-threat measures into one unified platform,” says Marc de Jong Luneau, marketing director of Fortinet EMEA.

While some opt for a best-of-breed approach when it comes to the software itself, hoping to integrate them all into one box, others have chosen to develop software from the ground up which is dedicated and purpose-built for the appliances instead of bringing together existing solutions. While the former comes with the attendant difficulties of trying to make them all run together on one platform, the latter creates issues of trust and doubts about the performance of the solutions that are loaded onto the appliance.

Stuart McIrvine, director of corporate security strategy at IBM, says security is complex and one of the ways that corporations can manage this area of complexity is to put more capabilities into the systems to manage and defend themselves. “A customer doesn’t want to buy 14 security solutions and deploy them individually. There needs to be mechanisms and capabilities within the infrastructure to provide self-defending capabilities,” says McIrvine.

ProCurve Networking has launched next-generation ProVision ASIC (application specific integrated circuit) solutions, which it says meet the network security demands of enterprise customers. The solutions provide widespread policy enforcement, which gives network administrators hardware-based granular control of access and traffic flow to protect against, detect and respond to network threats without impacting network performance. “It also has a built-in ASIC resiliency, which means it is engineered to continuously operate while withstanding error conditions and external attacks, such as denial of service (DoS) attempts,” says Wenceslao Lada, vice president and general manager for ProCurve Networking, EMEA. The solution also allows for widespread in-depth packet analysis and enables new hardware-based functionality to be activated without costly upgrades to the hardware.

Network security is so high on the priority list of enterprises that they are also exploring managed services. By outsourcing the security services, corporations can rely on experts to guarantee safety. Mike Gallager, MSS director at Internet Security Services (ISS) EMEA, believes an increasing variation in vulnerabilities and new technologies is driving companies to re-assess their IT security. “Faced with increasing workload in maintaining security and meeting compliance regulations, enterprises are turning to managed services as a viable alternative,” says Gallager. However, enterprises need quality strategic and practical guidance about how to work with these emerging companies to maximise their own information security.
