Thursday, September 24, 2015

"Flavor of the day" network security

Network security is tough. Too often a new attack vector appears on the scene and vendors scramble to put out a product to counter it. Companies scramble to implement it. And the bad guys scramble to find a new attack vector and it all starts over again.

After a few cycles, this can lead to enterprises with security approaches too focused on one area leaving others wide open. A big challenge in network security is all of these separate responses don't work together to form an ecosystem of security.

Jumping on the flavor-of-the-day security solution eventually looks more like a patchwork quilt. Throw in substantial changes like mobile and geographically distributed workforces to how businesses need to operate and that quilt can have some serious security holes.

In a recent article, Roark Pollock of Ixia breaks security issues today into three pieces:

  1. Chose the right tools, and then confirm that they are properly deployed and configured
  2. Maintain the right level of visibility into infrastructure
  3. Attract and retain the right skill sets within the organization
Of course, having the right tools and people is important, but they need to be using them correctly to be effective. Siloed tools and work groups that don't talk with one another won't be as powerful as integrated solutions.

“If the technologies aren’t talking to one another, if the technologies aren’t sharing what they learn and what they see from their analysis, then they’re effectively still just first-layer defenses all across the organization,” said Samantha Madrid, head of network security product marketing at Palo Alto Networks.

Another key aspect of network security beyond having the tools and the people is that they need to follow the process. People are the cause of most network outages because they like to skip steps. With this, Uplogix helps in two ways:

  1. With detailed monitoring and automated responses that keep people out of routine situations (the kinds of things that leads to the most skipping) that don't require their help
  2. By providing a secure framework for accessing devices when they need human attention. Uplogix integrates with remote authentication mechanisms, such as TACACS and Radius, but if connectivity is lost, the LM can failover to other AAA servers before falling back on cached authentication data to maintain authorized access.

Securing the network is an on-going battle that can never ultimately be won as new forms of attack are being developed and new vulnerabilities discovered every day in even the best software. The key is to avoid a flavor-of-the-month approach and look for security systems that work together to provide the strongest security against hackers.