/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: India has today become a hotspot for security attacks. Today, the fraud industry is so advanced that newer standards are set by breachers each day, literally keeping the security solution providers on their toes.
/ciol/media/post_attachments/95f05bba55381b4f936ee7232cbe033b47140baad627063d1ca2bd1a27a9565c.jpg "publive-image")
“Leaving behind the traditional signature based detection techniques, there is a demand to develop behavioural and statistical anomaly based techniques to provide protection against blended threats,” says Rajeev Goel, vice president, iPolicy Networks, security products division of Tech Mahindra Ltd. He speaks at length about the security demands, vulnerabilities and trends in network industry in an interview with CIOL. Excerpts:
CIOL: What are the prevailing trends in the network security sector?
Rajeev Goel: Emergence of a plethora of Internet applications, social networking sites and proliferation of web-2.0 are paving the way for several security vulnerabilities and attack vectors. In the present scenario, there is a need to develop deep understanding of applications behaviour of security products.
This is leading to a deeper packet inspection for application management and control that has more processing power, in addition to integration of more security services in the UTM space.
Leaving behind the traditional signature based detection techniques, there is a demand to develop behavioural and statistical anomaly based techniques to provide protection against blended threats. Security technologists continue to find ways to perform deeper content inspection for application and state identification in addition to anomalous behaviour of protocol without compromising on performance.
Some of the other network security trends are:
Business trends: Today, businesses are shifting toward integrated threat protection based solutions in the enterprise segment. Moreover, SaaS based models and mobile security solutions are being looked upon as major growth drivers.
Technology trends: Rollout of higher capacity appliances and solutions that are capable of deeper inspection. Security virtualization solutions are coming up in a big way. Prevention technologies against blended threats are also on the rise.
Architectural trends: Virtualisation support at processor and hardware level, deep inspection for application identification and content inspection, virtual execution to understand malware behaviour and faster anti-virus and anti-spam technologies.
Virtualization technologies are rapidly being developed to protect security contexts and isolate one from the other. Plenty of work is also being done on the integration of different types of defense mechanisms so that feedback from one into the other can be used to pose a comprehensive defense posture against the emerging attacks.
CIOL: Why is India at the focus of security attacks? What are the major security challenges that enterprises and service providers face today?
RG: Emergence of social networking sites and plethora of Internet applications, which powers you to do almost ‘whatever you desire for’, has lead to the explosive growth of the Internet in India. Interest levels, in trying out newer applications, are so high today that often users blissfully forget the security aspects while clicking on an attractively presented phishing link or opening a site, which can jeopardize one's privacy.
This elevated state of vulnerability, combined with the attacks from latest threats like botnets, spam, phishing and malware, poses a serious challenge to enterprise security state.
This heightened state of security vulnerability evolved out of the fast pace with which the Indian economy is growing with respect to the other parts of the world. This is paving the way for an indiscriminate use of network and mobile applications for official and unofficial purposes. Lack of awareness about security issues acts as a catalyst to this state of vulnerability.
The scenario at the service providers end is a bit different. Owing to the explosive growth of the Internet, service providers have increased the capacity of core and aggregation points in order to meet the growing demand, but at the expense of security parameters. Security parameter of a service provider who carries over tens of gigabytes of traffic is entirely different from that of the other who carries less.
Service providers now face the challenge of enforcing appropriate security measures in accordance to their increased requirement. They also face the challenge of getting visibility into the information content of the traffic carried through the giant pipes. Another crucial aspect is making sure that the solution deployed is scalable enough to meet the capacity enhancement requirements of the future too.
CIOL: What are the points that enterprises must keep in mind to secure network?
RG: No security product can substitute for the level of protection that can be generated by security awareness. Spread security awareness among the users through regular interactions.
It is as important to look at trends as it is to look at discreet security incidents. Trends are important to find out if your network is being targeted or, if it is being exploited over time. Such targeted plans could cause more damage than discreet events.
Make sure that you really evaluated the solution in your environment. Performance can depend on deployment and real life traffic conditions. All that glitters might not be gold.
Buy, and don’t forget that security solutions need regular monitoring, management, control and upgrade.