Most investigations concerning computer crimes show that 60% to 80% of all security breaches are performed by insiders. These statistics highlight the fact that the most common method of protecting a corporate network and computers - the “ring wall” - is ineffective as it is assumed that attacks will come from the outside.
“This type of firewall-centric solution was designed many years ago and is slowly becoming obsolete,” explains Jorina van Rensburg, CEO of Condyn.
“Protection has been moved closer to the assets, such as application servers as well as workstations and laptops. So, how do you transform this traditional view into a more modern and effective architecture?” she asks.
According to Van Rensburg, the first step forward is simply observing the fact that the larger a network becomes, the more insecure it will be. This means that security can be improved by partitioning the corporate network.
Traffic between domains should be strictly controlled and potential problems logged. This immediately puts a limit on the maximum amount of damage a security problem can cause, and increases the possibilities to both detect and deal with potential problems.
The next step is to fully move away from the “ring wall” architecture. “If the servers can be protected against all unauthorised traffic, then operating systems, network protocols and applications cannot be attacked. A good example of this is the system used by Swedish network security company, AppGate Network Security. AppGate servers protect one or more application servers from unauthorised traffic, ensure only authorised users can talk to the servers, encrypt network traffic, authenticate users and make authorisation decisions and log all actions taken.
“In short, the AppGate Network Security system offers protection very close to the application servers and allows users to have different roles and gives access to different resources based on many different parameters, such as location, time of day, authentication method and client system being used.”
Step three involves improving client security. Clients need to be correctly configured, configurations must be reviewed and all software patched to make sure they do not contain any publicly known vulnerabilities. The security system should also be able to do a “client-check” before access to sensitive resources are granted. This check could guarantee, for example, that the client has anti-virus software installed, a good personal device firewall is in use, that no file sharing software is present, or any other rules the application system owner would like to enforce before access to that application is granted.
“Recently appointed as the sole AppGate Network Security distributor for the sub-Saharan region, Condyn believes that the AppGate Server can assist local businesses in updating and improving their security architectures. The solution combines an application layer firewall with device security and a granular access control system in one easy-to-use and cost-effective solution. It makes it possible to be in full control over corporate information, regardless of situation.”
The AppGate Server's main function is to control user access to protected resources. It is equally well suited to control remote access to a site as controlling local (LAN) access to servers on corporate networks. It has a powerful authorisation database that contains rules for what applications and services should be available to users.
The system's powerful authorisation system allows complex rules for access to be defined, for example, that users on the corporate LAN may access a service during office hours using password authentication, while remote users need to use a certificate for authentication and must have a personal device firewall installed for the same service to be available. It is possible to define for each service exactly for what users and under what circumstances it should be available.
Remote administration of the system is possible and different administrator roles can be defined. All user and administrator activities are logged by the system and system logs can be very detailed, for some protocols it is even possible to log every byte being transferred.
“AppGate Network Security unifies all the necessary security elements, such as authentication, authorisation, encryption, access control, client control, monitoring and reporting,” states Van Rensburg. “All of these benefits make it possible for users to take their minds off security issues and focus on the work at hand.”
“Our partnership with Condyn is a result of a formula, which is crucial when aligning with a value added distributor in a large geographical area,” explains Fredrik Nor'en, Sales Director for AppGate Network Security Africa, Asia and the Middle East. “From the beginning, it was clear to AppGate Network Security that the skills and ambitions of the technical staff at Condyn were at a very top level - a requirement both in supporting sales activities and meeting the expectations from clients with a view of handling first line support of the AppGate Network Security products.
“Condyn's footprint within the sub-Saharan region is also proving to be an ideal fit for the AppGate Network Security business, which has traditionally been extremely strong in the governmental areas such as military, police and all other areas where the security and confidentiality of the data is of utmost importance,” he concludes.
Share