A 2009 Retrospective and 2010 Predictions
by SonicWALL’s VP and General Manager, Douglas Brockett2009 : Change and Consolidation
More people watched a video than TV1. Search Engines
2. General Interest Portals
3. Software Manufacturers
4. Social Networks/Blogs
5. Email
Social Networking = Business NetworkingSocial Networking Malware arrived too
Twitter, Facebook, LinkedIn
2010 Technology Trends
1. Virtualization2. Data Center Consolidation
3. Cloud/SaaS
4. Mobile Devices
5. Converged Communications
6. Data Leakage
1. Virtualization
o Benefits
- Efficiency, Performance
o Implications
- Hypervisor threats, Inter application security
One strategy is to place a UTM Firewall "in-front" of the VM server to protect against attacks
Clean VM Networking
- Another strategy is to provide Inter-VM security, using in/out network routing
2. Data Center Consolidation
Power/Space - OPEX
o Benefits
- Reduces overhead equipments/power/staff
- Improves bandwidth between apps
o Implications
- Inter-data center security is lost
- Access and Disaster risk consolidation
Protecting a Data Center
-> SSL VPN -> UTM Firewall -> Server Groups
3. Cloud/SaaS
o Benefits
- Provides rapid scalability, redundancy
- Decreases CAPEX
o Implications
- Data and app move beyond your perimeter - direct access from mobile users to your data
- Latency/Bandwidth sensitive apps suffer
Clean VPN
-> SSL VPN -> UTM Firewall -> Cloud Service
4. Mobile Devices
86% phones are not smart phones but rapidly growing...
User Mobility
o Benefits
- Productivity : access from anywhere, anytime
- Disaster avoidance
o Implications
- Typing access rules to individuals just got a lot harder
- Many of the endpoints are unmanaged
-> SSL VPN -> UTM Firewall -> User Apps (Laptop, Mobile, Kiosk)
5. Converged Communications
VoIP, Video, Data
o Benefits
- Cheaper, simpler, more scalable network
- Single network vendor
o Implications
- Bandwidth competition, performance
- Risk consolidation
- Exposure to internet-borne threats
o Protecting Converged Communications
- Quality of Service : UTM Firewall
- Bandwidth Management : UTM Firewall (per apps and per user basis)
6. Data Leakage
PCI and EHR Implications
Mixing personal and work data
o Benefits
- Easy to make a mistake and accidently disclose data
- Even easier to intentionally steal data
o Implications
- Ubiquitous employee access to "outside" systems provides morale
and potential productivity benefits
- Employee access to rich data sets improves productivity
o Layered Data Leakage Protection
- Email Security
. Provides outbound compliance tools for spotting data leaving your network
- UTM Firewall
. Can block malware that may hunt for specific data
. Provides app control to limit common data leakage paths
. Application firewall in utilizes custom signatures to prevent data from leaving your network
2010 - Anything, Anywhere, Anytime
o Traditional IT controls fadeo As fast as these tools are adopted their weaknesses will be targeted by cybercriminals
o How do we prepare for these threats?
- Embrace change
- Focus policy on users, content and apps
- Leverage world-wide real-time threat information to stay ahead of the curve
No comments:
Post a Comment