
Proactive security via network access management

Security in 2008 is about preventing potentially harmful network access and holistically managing the network environment
Johannesburg, 30 Jan 2008

Network security has shifted focus substantially over the last few years. Whereas firewalls and intrusion detection technology were commonplace before, the modern requirement is for more advanced network management tools and intrusion prevention via exclusion policies rather than attempting to detect intrusions that have already occurred.

Ankcorn Fernihough, Systems Engineer for 3Com, believes the modern security environment is an overlay on top of what was conventionally implemented and, as such, presents added complexity to the security ecosystem. This is forcing a new approach to security.

"We are seeing advancements in security, not change per se," he says. "Mobility is a big driver for this advancement; mobile workers must have access to IP-based systems."

Fernihough explains that this is challenging the conventional view of firewall systems. With remote access coming to the fore, firewalls in the traditional sense no longer fulfil all of an organisation's security needs.

"In the past, firewalls would typically allow all packets entrance into the network and then there would be an attempt to analyse them via intrusion detection systems," he says. "But effective security now relies on intrusion prevention, not just detection."

He emphasises that network access control (NAC) systems have become an integral part of effective security platforms; this is particularly vital in terms of convergence.

"Mobile workers not only need remote access to the IP environment, but there is added complexity in what they are using the IP stack for," explains Fernihough. "Voice and data are now traversing the IP network and access is required for a wide range of devices from telephony handsets to personal digital assistants and laptop computers.

"Key to effectively managing all of these devices and their related traffic is assessing their readiness to be connected to the network," he continues. "Tools are required that are able to ensure that policies are enforced before allowing devices to connect. For example, computers are analysed to ensure their operating systems are up to date with the latest patches and that they have recently been scanned for viruses. Only then is the device allowed to connect.

"If you have a vulnerability on your network, then you need to know where it is," he notes.

He says that 3Com prefers using the term 'network access management' as this provides a better indication of what the technology aims to achieve.

Going forward, Fernihough predicts that training will increasingly become a prerequisite, given the high level of skill required by modern devices and the networks that accommodate them.

"I also think that security being outsourced creates a big vulnerability on a network. You need someone skilled to handle internal security for the organisation," opines Fernihough. "Five years ago network security was not a major concern. If you signed a security policy five years ago, that policy does not apply today because there are more threats rampant in the market.

"This is where you need something that can do deep packet inspection and not detection and where a security specialist is required who needs to keep the organisation up to date in all aspects."

Increased complexity is driving exclusionary policies into the networking fray and demanding comprehensive management systems. Firewalls and detection systems are not being replaced, but rather being supplemented with these new technologies.

3Com Corporation

3Com Corporation is a leading provider of secure, converged voice and data networking solutions for enterprises of all sizes. 3Com offers a broad line of innovative products backed by world-class sales, service and support, which excel at delivering business value for its customers. 3Com also includes H3C Technologies Co, Limited (H3C), a China-based provider of network infrastructure products. H3C brings high-performance and cost-effective product development and manufacturing and a strong footprint in one of the world's most dynamic markets. Through its TippingPoint division, 3Com is a leading provider of network-based intrusion prevention systems that deliver in-depth application protection, infrastructure protection and performance protection. For further information, please visit www.3com.com or the media site www.3com.com/pressbox.

Copyright (c) 2007 3Com Corporation. 3Com, the 3Com logo and TippingPoint are registered trademarks of 3Com Corporation. All other company and product names may be trademarks of their respective holders.

Editorial contacts

Anique Human
Sefin Marketing
(011) 476 3751
anique@sefin.co.za
Tracy S Lawler
3Com Corporation
(011) 700 8600
tracy_lawler@3com.com