Imagine if one of your employees who reports to you became lazy and no longer did their job very effectively. You’d more than likely fire him or her. Did you know that your firewall has ceased to do its job, yet you probably haven’t fired it, right?
Before you think I am crazy… let me explain.
We’re going to go on a journey back to about 1994 when firewall technology was relatively new. The firewall was designed to control access to applications. It was the all-important gatekeeper controlling what applications users could use. But, of course, things were simpler back then. Those were the days when users typically were identifiable by an IP address and applications were identifiable by a port number. Web applications for instance used port 80; email applications used port 25 and terminal type applications used port 23. A brilliant concept for its time and the firewall became an instant success. Today almost every organisation on the planet would have a firewall.
Over time, application vendors grew tired of the increasing number of support calls stating that their applications were not working. In fact it was not a case of the application that failing to work, but the firewall was configured to block access to the application. Application vendors became wise to this and started making applications that evaded firewalls. Today we have two types of firewall evading applications:
Popular applications such as Mediafire, Facebook, Twitter, Salesforce, BitTorrent, Skype, AIM and KaZaA fit into one or both of these categories. Now here comes the dilemma. If you try to block Skype for instance with your firewall, you would end up blocking all of these applications as well as email and web browsing. It very much becomes an all or nothing scenario now with regards to using firewall to control access to applications. Organisations want flexibility. They want to select which applications are allowed and furthermore what features within applications can be used. How many times has your organisation wanted to allow access to say Facebook, but not wanted employees posting corporate secrets on Facebook or playing games on Facebook during business hours? We no longer live in a black or white deny or allow world these days, so the firewall with its basic overly simple deny or allow policies, I am sorry to say needs to be FIRED!
Some organisations have become more dependent on their intrusion prevention system for better detecting applications, but it pays to keep in mind that this is not its job. Its job is to detect and prevent threats from traversing the network. Don’t try to make a square peg fit a round hole!
Add to this the other issue of identifying users. Users tend to have changing IP addresses so it is essential to identify a user is by username and password. Only then can we effectively track users and when combining this with true application detection we have the power once again to have a gateway that controls user access to applications.
What is required to solve these problems of identifying applications and users today and applying policies that reflect whether specific features within an application can be used is the replacement to your tired, old fashioned, lazy firewall – a next generation firewall.
Increasing mandates around the security of personal data have made encryption for every business. Australian businesses are leading the world in the use of encryption to protect backups, payment-related data, and laptops – and yet they still have a long way to go before encryption is both ubiquitous and manageable.
If your last access-control update was even a few years ago, you’re probably more exposed to fraud and exploitation than you’d like to be.
It’s not hard to understand why bot management is critical to maintaining business availability and customer satisfaction – but do you know how to properly deal with bots?
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem