Malware and cyber attacks continue to plague enterprise networks. Meeting business security challenges is a priority for all organisations. Here’s how you can install cost-effective security for your business. By Bryan Stibbard
Granting web access to employees poses new challenges to IT administrators. In addition to regulatory imposts, hackers and data thieves are developing new ways to deliver malware payloads. Unrestricted web access can drain network resources and open unwanted communication channels through instant messaging and peer to peer software exchanges. To combat the problems associated with web access, many small- to mid-sized businesses (SMB) are recognising the advantages of an all-in-one solution as implemented in a secure web gateway.
Network Management Challenges
A new hacker technique “driveby malware” – a practice where network users infect the network with their browsing activities is developing rapidly. This tactic emerged when network security measures became more sophisticated at repelling denial-of-service aimed at breaching a network through brute force. Now, hackers are increasingly focused on luring network users into performing activities, such as clicking on a link to access an e-card or simply navigating to a malicious web page that contains code designed to distribute worms, viruses, spyware, or malware.
Another emerging problem stems from the proliferation of instant messaging (IM) and peer-to-peer (P2P) software applications. Fraudsters using security holes in Voice-over-IP communication tools can create problems with phony chargebacks and compromised business practices. These kinds of contacts among a company’s employees can be difficult or impossible to regulate without central control over web traffic.
From the perspective of resources management, employees who engage in activities that result in large volumes of data being funnelled through network resources can disrupt operations. If unrestricted they can usurp network bandwidth best devoted to other uses and higher priorities.
Approaching Web Security
SMBs gain the most efficiency when they are able to consolidate and streamline functionality in key areas, such as web security, in a manner that permits straightforward management, easy oversight, minimal day-to-day maintenance, and simple upgrading.
The rising popularity of appliance-based approaches to network security is a testament to the fact that an all-in-one security model successfully meets the necessary criteria.
A security appliance can be deployed in any one of three possible packages:
• Software appliance: The functionality of the security solution is obtained through a single software image, bundled with the operating system and all requisite applications, for quick installation on a dedicated server or PC. This results in a much faster and easier deployment than is typical for software applications, which require a separate pre-installed operating system.
• Hardware appliance: A hardware device with pre-installed operating system and application software is added to the network and quickly configured. This often represents the quickest method to integrate the capabilities of a security solution onto a network with minimal instances of deployment problems or incompatibilities.
• Virtual appliance: A virtual appliance is a combination of all the required
software applications, including the operating system, pre-installed, preconfigured, and designed to be run concurrently with other virtual appliances in a virtual environment.
This packaged approach to delivering security solutions benefits from the strength of consolidating the necessary protection at a key point of vulnerability. For example, Astaro Web Gateway provides a divide between the free-flowing information on the Internet and the network infrastructure inside the company’s firewall. Working in combination with the firewall, this security gateway can filter content by URL, oversee and control the use of web applications, prioritise bandwidth use by application, and protect against malware reaching the internal network.
All-in-one solution
IT administrators who implement an all-in-one web security solution gain distinct advantages over more costly and complex single-function web-filtering solutions. Having a single point of control over web access and usage achieves a number of benefits, including effective malware protection, where the threat vectors introduced by malware, spyware, viruses, worms and so on can be met through a robust first line of defence.
A centrally managed appliance for web security helps businesses to lower costs by reducing IT management tasks and simplifying routine maintenance and upgrades. From the point of legal compliance, companies can block access to inappropriate or illegal web content to comply with internal policies and regulatory mandates.
Enterprises also enjoy increased productivity since employees won’t be surfing non-business sites during business hours. It also lowers the risk of infection from malware obtained through questionable sites. Other non-productive activities, such as taxing the network with inappropriate bit streaming, can also be eliminated.
As the appropriate level of expertise and the IT security resources may not be available in a typical SME, an appliance-based web security gateway provides the best solution to implement cost-effective, easy-to-deploy protections and network-use controls in a centrally managed solution. This approach enhances traditional security measures while affording protection against contemporary and emerging threats.
—Bryan Stibbard is vice president of sales for Asia Pacific and Japan, Astaro. He leads Astaro’s expansion into the Australian IT security market, leveraging his experience in the industry—including seven years with Symantec and prior tenure with CA. Contact Bryan Stibbard at bstibbard@astaro.com.