Security is the single most problematic area for IT managers today, and is rising to the top of the most wanted feature lists for all types of networking products.
According to industry analyst firm, The Meta Group, although most networks have some protection against Internet sourced attacks, attacks sourced from the corporate Intranet account for 70% of compromises.
Martin May, regional director sub-Saharan Africa of Enterasys Networks, believes that security of the Intranet must be holistic; it must provide a consistent level of protection regardless of the point of attachment, not just at the Internet firewall.
Today, security of an enterprise`s IT systems is at the top of the list of priorities for companies," he says.
"Customers are demanding more comprehensive network security solutions, designed to protect and serve the corporate information ecosystem."
May says Enterasys Networks has invested many years of engineering time into solving security threats from 70% of compromises that originate internally. These threats come from someone Enterasys refers to as PETE - the Potential Employee Threat to the Enterprise.
"PETE works in everyone`s business, but fortunately, individuals who follow PETE`s profile are a very small percentage of e-connected employees," says May.
"By combating the threat from PETE, businesses can save hundreds of millions of dollars in lost revenues, as well as protecting their company from the negative public impression that loss of service to customers can produce."
May lists five elements which will secure an Intranet:
Prevention - everything possible is done to discourage attacks
Detection - Monitor communications and detect abuses with minimal `time to find`
Damage Assessment - Automatically review situation and report severity
Response - Forensic quality information for identification
Correction - Resolve attacks in shortest possible time
"Companies need to use holistic security architecture for complex enterprise Intranets. This kind of architectural framework will secure all parts of the enterprise network while continuing to provide the most advanced traffic profiling and security detection solutions available.
"Customers also need to protect the entire networking infrastructure, including the Intranet, intranet/extranet interface and extranet. By adopting an architectural approach to network security an organisation can monitor; control or block access to the network resources. In doing so, the integrity of the network, and ultimately the business, is protected."
May says new holistic architectural approaches allow organisations to create comprehensive enterprise security architectures. This is made possible because the architecture is usually independent of media or connection type.
"A holistic architectural approach brings together resolutions for key elements of Intranet threat, and can be adapted to any business model or infrastructure deployment. It is also scalable to any size of company or traffic loads.
"Although the holistic architectural approach focuses on Intranets and extranets to ensure a secure network from all points of entry, some physical control can be enforced within Intranets. This enables network managers to maintain control of the Intranet, even when it has dispersed and dynamic points of access."
According to May, a holistic architectural approach also offers users an Intranet/extranet interface for areas where physical security cannot be enforced or where a third-party provider is delivering communications services.
"With the holistic architectural approach strategy much is added to the value proposition of security within the enterprise`s total connectivity solution. This is because its features are part of a coherent, holistic security framework, not just a set of independent devices."
May adds that in view of the new holistic architectural approach to network security Enterasys is leveraging advanced security-related features of its core networking infrastructure products, and introducing new, purpose-built security products as well.
Editorial contacts

