NETWORK SECURITY: A Layered Approach
Internal networks need a multi-layered threat prevention and containment strategy
The enterprise perimeter has expanded: mobile devices such as laptops, PDAs and USB memory sticks constantly travel outside the corporate firewall. Wireless LANs allow external connections that bypass firewalls. Secure Sockets Layer (SSL) access to Web portals and other internal applications allows encrypted traffic to flow through perimeter firewalls and intrusion prevention systems unexamined.

Network administrators are, therefore, finding traditional perimeter security solutions inadequate in preventing the spread of worms and viruses inside their networks.

Enterprises need to develop a robust internal security deployment strategy. Internal networks are complex: homegrown applications, client-to-client applications, loose adherence to protocols, and no central security coordinator. Unlike perimeter networks, where all traffic is blocked unless explicitly allowed, internal networks need to allow all traffic unless it is explicitly blocked. An effective internal threat prevention and containment strategy is to deploy multiple lines of defense.

Personal Firewalls
Most blended threats and worms enter the network when legitimate users connect compromised machines to the corporate network. Machines can be compromised through ineffective patch management or exposure to unprotected environments. Patches often lag behind emerging vulnerabilities, and anti-virus signature updates become available only after an attack has occurred.

[Figure: The ideal security scenario]

Personal firewalls, being rule-based rather than signature-based, provide pre-emptive protection. They reside on client devices and process traffic according to user- or administrator-defined rules. They also provide application control by monitoring every application request to access local and network resources, and they allow administrators to centrally enforce policy by blocking network access to vulnerable endpoints.
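The rule-based evaluation described above, as an added example that is not code from the article or from Check Point: a minimal endpoint policy engine in Python. It shows the two default postures the article contrasts (perimeter deny-unless-allowed versus internal allow-unless-denied), first-match rule evaluation over application, destination, port and protocol, and a centrally set compliance flag that cuts off network access for an unpatched endpoint. Rule contents, application names and addresses are constructed for illustration.

```python
# Added example (not from the article): a rule-based personal firewall
# policy engine. Decisions come from administrator rules, not signatures.
from dataclasses import dataclass
from typing import List, Optional
import ipaddress


@dataclass
class Rule:
    action: str                     # "allow" or "deny"
    app: Optional[str] = None       # process name, or None for any application
    dst_net: Optional[str] = None   # CIDR destination, or None for any
    dst_port: Optional[int] = None  # destination port, or None for any
    proto: Optional[str] = None     # "tcp" / "udp", or None for any

    def matches(self, app: str, dst_ip: str, dst_port: int, proto: str) -> bool:
        """Every field that is set must match; unset fields are wildcards."""
        if self.app is not None and self.app != app:
            return False
        if self.dst_net is not None and \
                ipaddress.ip_address(dst_ip) not in ipaddress.ip_network(self.dst_net):
            return False
        if self.dst_port is not None and self.dst_port != dst_port:
            return False
        if self.proto is not None and self.proto != proto:
            return False
        return True


class PersonalFirewall:
    def __init__(self, rules: List[Rule], default_action: str, compliant: bool = True):
        self.rules = rules
        self.default_action = default_action  # "allow" (internal) or "deny" (perimeter)
        self.compliant = compliant            # set centrally, e.g. from patch status

    def decide(self, app: str, dst_ip: str, dst_port: int, proto: str) -> str:
        # Central enforcement: a non-compliant (vulnerable) endpoint gets no network access.
        if not self.compliant:
            return "deny"
        # First matching rule wins; otherwise fall back to the default posture.
        for rule in self.rules:
            if rule.matches(app, dst_ip, dst_port, proto):
                return rule.action
        return self.default_action


# Constructed rule sets. Internal posture: allow everything unless explicitly blocked.
INTERNAL_RULES = [
    Rule("deny", app="calc.exe"),                 # application control: no network for this app
    Rule("deny", dst_port=445, proto="tcp"),      # block client-to-client SMB on the LAN
]
internal_fw = PersonalFirewall(INTERNAL_RULES, default_action="allow")

# Perimeter posture: deny everything unless explicitly allowed.
PERIMETER_RULES = [
    Rule("allow", app="browser.exe", dst_port=443, proto="tcp"),
]
perimeter_fw = PersonalFirewall(PERIMETER_RULES, default_action="deny")

# An endpoint flagged non-compliant by central policy (e.g. missing patches).
quarantined_fw = PersonalFirewall(INTERNAL_RULES, default_action="allow", compliant=False)


if __name__ == "__main__":
    print(internal_fw.decide("outlook.exe", "10.1.2.3", 25, "tcp"))   # allow (default)
    print(internal_fw.decide("calc.exe", "10.1.2.3", 80, "tcp"))      # deny (app control)
    print(perimeter_fw.decide("browser.exe", "203.0.113.5", 80, "tcp"))  # deny (default)
    print(quarantined_fw.decide("outlook.exe", "10.1.2.3", 25, "tcp"))   # deny (non-compliant)
```

The same engine serves both postures; only the default action and the rule list differ, which is exactly why the internal deployment needs explicit deny rules and a compliance check rather than relying on the perimeter's default-deny.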

Internal Security Gateways
While personal firewalls provide a solid front-line defense, not all endpoints that connect to the internal network are protected. Very often customers, partners and consultants access the internal network without any endpoint integrity verification, and an infected endpoint can spread threats across the corporate network instantly.

Internal security gateways (ISGs) are deployed to contain threats and stop them spreading. ISGs segment the internal network into security zones and are placed inline, so that all traffic into and out of a zone passes through them. For example, each department in a corporation may be configured as its own subnet or security zone. ISGs can detect and block known as well as zero-day attacks before they infect the network; they detect protocol anomalies and malicious code at both the network and application layers. Unlike traditional intrusion prevention solutions, ISGs are designed specifically for internal networks and also understand and protect against LAN-based protocol attacks.
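The zone segmentation and protocol-anomaly inspection described above, as an added example that is not code from the article or from any ISG product: a Python sketch of the decision an inline gateway makes per flow. Hosts are mapped to zones by subnet, cross-zone traffic must be listed in an explicit zone policy (intra-zone traffic keeps the internal default-allow), and on well-known ports the first payload bytes are checked against the protocol expected there, so that something tunnelled over port 80 or 22 that does not look like HTTP or SSH is dropped. Zone names, subnets, the policy table and the protocol patterns are constructed assumptions.

```python
# Added example (not from the article): inline zone policy plus a simple
# protocol-anomaly check, as an internal security gateway might apply per flow.
import ipaddress
import re
from typing import Dict, Set, Tuple

# Constructed zones: one department (or server farm) per subnet.
ZONES: Dict[str, str] = {
    "finance": "10.10.0.0/24",
    "engineering": "10.20.0.0/24",
    "servers": "10.0.0.0/24",
}

# Constructed cross-zone policy: (src_zone, dst_zone) -> allowed (port, proto).
# Pairs not listed are denied; traffic inside one zone is allowed by default.
ZONE_POLICY: Dict[Tuple[str, str], Set[Tuple[int, str]]] = {
    ("finance", "servers"): {(443, "tcp")},
    ("engineering", "servers"): {(443, "tcp"), (22, "tcp")},
}

# Constructed expectation of what the first payload bytes look like per port.
# A mismatch is treated as a protocol anomaly (e.g. something tunnelled over 80).
EXPECTED_PROTOCOL = {
    80: re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n"),
    22: re.compile(rb"^SSH-2\.0-"),
}


def zone_of(ip: str) -> str:
    """Return the zone whose subnet contains ip, or 'unknown'."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in ipaddress.ip_network(net):
            return name
    return "unknown"


def inspect(src_ip: str, dst_ip: str, dst_port: int, proto: str, payload: bytes = b"") -> str:
    """Gateway verdict for one flow: 'allow' or 'deny:<reason>'."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    if src == "unknown" or dst == "unknown":
        return "deny:unknown-zone"          # unmapped hosts do not get through
    if src != dst and (dst_port, proto) not in ZONE_POLICY.get((src, dst), set()):
        return "deny:zone-policy"           # cross-zone flow not explicitly allowed
    pattern = EXPECTED_PROTOCOL.get(dst_port)
    if pattern is not None and payload and not pattern.match(payload):
        return "deny:protocol-anomaly"      # payload does not match the port's protocol
    return "allow"


if __name__ == "__main__":
    print(inspect("10.10.0.5", "10.0.0.10", 443, "tcp"))                       # allow
    print(inspect("10.10.0.5", "10.20.0.7", 445, "tcp"))                       # deny:zone-policy
    print(inspect("10.20.0.7", "10.0.0.10", 22, "tcp", b"GET / HTTP/1.1\r\n"))  # deny:protocol-anomaly
```

A real gateway reassembles streams and parses far deeper than a regex on the first bytes, but the structure is the same: the segmentation decision comes first and is cheap, and only flows that pass it are handed to the more expensive application-layer checks.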

Host-based Security
Internal networks contain business-critical servers that are the ultimate target for hackers. Any effective internal security strategy therefore requires host-based security software that runs on each individual host and inspects the traffic to and from that server or PC. This software can detect newly installed software or configuration changes and determine the resulting security exposure. Like personal firewalls, host-based software can enforce remediation for non-compliant hosts, which is very effective for patch management. It also accumulates data on normal host functions and traffic, and can lock down a server if it detects a threat or malicious code.
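The two host-based functions described above, as an added example that is not code from the article or from any vendor: a Python sketch that fingerprints a host's configuration against a stored baseline to detect changes and score the exposure, learns a baseline of normal connection rates, and combines both into a lock-down decision. The configuration is held in memory so the example runs offline; the file paths, contents, the sensitivity weighting and the three-sigma traffic threshold are constructed assumptions.

```python
# Added example (not from the article): host-based change detection and a
# traffic baseline, combined into a lock-down decision for one host.
import hashlib
import statistics
from typing import Dict, List

# Assumption: configuration items whose change counts as a larger exposure.
SENSITIVE = {"/etc/ssh/sshd_config", "/etc/passwd", "/etc/sudoers"}


def fingerprint(config: Dict[str, bytes]) -> Dict[str, str]:
    """SHA-256 of each configuration item. config is {path: contents} (in-memory here)."""
    return {path: hashlib.sha256(data).hexdigest() for path, data in config.items()}


def diff_baseline(baseline: Dict[str, str], current: Dict[str, str]) -> Dict[str, List[str]]:
    """Which items changed, appeared or disappeared since the baseline fingerprint."""
    changed = [p for p in baseline if p in current and baseline[p] != current[p]]
    added = [p for p in current if p not in baseline]
    removed = [p for p in baseline if p not in current]
    return {"changed": sorted(changed), "added": sorted(added), "removed": sorted(removed)}


def exposure(delta: Dict[str, List[str]]) -> int:
    """Constructed scoring: sensitive items weigh 3, everything else 1."""
    return sum(3 if p in SENSITIVE else 1
               for p in delta["changed"] + delta["added"] + delta["removed"])


class TrafficBaseline:
    """Learns normal connections-per-minute from observed samples."""

    def __init__(self, samples: List[int]):
        self.mean = statistics.mean(samples)
        self.stdev = statistics.stdev(samples)

    def is_anomalous(self, value: int, k: float = 3.0) -> bool:
        # Assumption: more than k standard deviations above normal is anomalous.
        return value > self.mean + k * self.stdev


def lockdown_reasons(delta: Dict[str, List[str]], conn_rate: int,
                     traffic: TrafficBaseline, config_threshold: int = 3) -> List[str]:
    """Empty list means the host stays up; otherwise the reasons to lock it down."""
    reasons = []
    if exposure(delta) >= config_threshold:
        reasons.append("config")
    if traffic.is_anomalous(conn_rate):
        reasons.append("traffic")
    return reasons


# Constructed baseline snapshot of a server and a later snapshot of the same host.
BASELINE_CONFIG = {
    "/etc/ssh/sshd_config": b"PermitRootLogin no\n",
    "/etc/hosts": b"127.0.0.1 localhost\n",
}
CURRENT_CONFIG = {
    "/etc/ssh/sshd_config": b"PermitRootLogin yes\n",   # sensitive item changed
    "/etc/hosts": b"127.0.0.1 localhost\n",
    "/etc/cron.d/job": b"* * * * * root /tmp/x\n",      # new item appeared
}
# Constructed learning period: connections per minute on eight normal minutes.
NORMAL_RATES = [10, 12, 11, 9, 13, 10, 12, 11]


if __name__ == "__main__":
    delta = diff_baseline(fingerprint(BASELINE_CONFIG), fingerprint(CURRENT_CONFIG))
    tb = TrafficBaseline(NORMAL_RATES)
    print(delta, exposure(delta))
    print(lockdown_reasons(delta, conn_rate=40, traffic=tb))   # ['config', 'traffic']
```

Keeping the change score and the traffic score separate, and reporting both reasons, is what makes the decision explainable to the administrator who has to release the lock.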

Ideally, all layers of defense should be integrated and work in tandem through central management, authentication, log consolidation and correlation. Deploying a layered approach to internal security can protect your valuable corporate resources from malicious intrusions and intruders.

Vinay Goel, Check Point Software

© Source: Voice&Data