5 things must need for securing modern network
Published: 12:18 10 July 2019
There is a saying, “The network is the computer.” It means IT infrastructure was linked together in a loosely-coupled architecture, tied together via networking technologies such as Ethernet cables and the TCP/IP protocol. Thus, it was critical to engineering the network correctly to maximize network availability, performance, and business benefits.
Things have changed since the early 1990s. Some networks live in the cloud, some are virtual, and some rely on application-to-application connections, but networks still connect IT systems together in one way or another.
Amidst this transformation, network security has had to change with the times. There are five things must need to support the modern network.
Modern network security controls must be instrumented into all network segments for inspection of east or west traffic, network communications in the cloud, and network communications from remote workers to software as a service (SaaS) applications where the traffic never touches the corporate network. In other words, all network traffic should be inspected.
Encryption or decryption capabilities
According to ESG research, 50 to 60% of all network traffic is encrypted in recent times and this will only increase in the future. That means comprehensive network security architecture must include the ability to decrypt and inspect traffic at a multitude of control points.
Modern network security technologies should also be able to detect suspicious traffic without the need for decryption in all cases. This capability is already included in offerings such as Cisco Encrypted Traffic Analytics (ETA) and stand-alone solutions from vendors such as Barac.io.
Reducing the attack surface should be a primary requirement for all modern network security technologies. This equates to two capabilities- first, segmenting east or west traffic between application tiers, and – second, enforcing software-defined perimeter network segmentation rules between users or devices and network-based services. These capabilities are often vaguely referred to as “zero-trust.”
Central control plane and distributed enforcement
This one is a “must-have.” All network security controls (i.e. physical, virtual, cloud-based) must report into a common control plane for management activities (i.e. configuration management, policy management, change management, etc.).
The central control plane will likely be cloud-based, so CISOs should prepare risk-averse auditors and business managers for this change. Armed with instructions from central command and control, network security systems must be instrumented to block malicious traffic and enforce policies regardless of their location or form factor.
Note that while every network security vendor will pitch its own central management service, third-party software providers such as FireMon, Skybox, and Tufin may play a role here.
Comprehensive monitoring and analytics
As the old security adage goes, “the network doesn’t lie.” Since all cyber attacks use network communications as part of their kill chain, security analysts must have access to end-to-end network traffic analysis (NTA) up and down all layers of the OSI stack.
The best NTA tools will supplement basic traffic monitoring with detection rules, heuristics, scripting languages, and machine learning that can help analysts detect unknown threats and map malicious activities into the MITRE ATT&CK framework.
CISOs must cast a wide net, as there are lots of strong solutions to choose from pure-play startups (i.e. Bricata, Corelight, DarkTrace, IronNet, Vectra Networks, etc.), networking experts (i.e. Cisco, ExtraHop, NETSCOUT, etc.), and network security vendors (i.e. Fidelis, FireEye, Lastline, HPE, etc.). Caveat Emptor!
Network security technologies must support granular policies and rules, subject to immediate alteration based upon changes in things such as user location, network configuration, or newly discovered threats or vulnerabilities.
Organizations must have the ability to spin up or spin down or change network security services whenever and wherever they are needed. Modern network security controls must be able to accommodate the internet of things (IoT) devices and protocols with the same types of strong policies and enforcement as they offer for standard operating systems. Finally, network security architectures must be built around easily accessed APIs for rapid integration.
- Rogue immune cells can infiltrate old brains
- `First` 3D print of heart with human tissue, vessels unveiled
- Secrete of Blue supergiant stars
- Atomexpo-2019 begins in Russia’s Sochi city
- Google takes on ‘Africa’s challenges’ in Ghana
- Dhaka contributes $15,000 for OPCW ChemTech Center
- e-Passport: Requirements and benefits
- People on Mars by 2033 or 2060
- Daraz joins hands with Visa
- Three Mile Island nuclear plant to close by September 30
- Google celebrates Earth Day with Doodle
- America’s 1st female astronaut candidate dies
- Cashback on Marcel AC for Facebook post, caller tune
- Bringing flavor back to tomatoes
- Don’t imitate, find your own innovations: Joy