Understanding Security Threats to Get the Best Possible Protection

Security is a major concern for small to medium business. However, its been decade fighting with threats and hackers, still new challenges keep coming every day. We discussed the new challenges and solutions available with Sanjai Gangadharan, Regional Sales Director, SAARC, A10 Networks.

The enterprise IT paradigm has recently gained tremendous momentum due to trends like cloud, IoT, mobility and big data. As organizations are rapidly turning digital, the use of cloud services are also on a rise. The cloud market in the country is growing at 30% this year. IoT is a key trend in the enterprise sector that is adopted to improve the enterprises’ efficiency and performance. But, security and privacy issues still pose roadblocks to its fast adoption.

Security spending continues to grow in 2016 and is projected to reach $1.23 billion in India. Gartner predicts that by 2020, more than 25 percent of identified attacks in enterprises will involve IoT. Some of the key security risks that could be brought about by IoT are-

DDoS Attacks- Distributed Denial of Service (DDoS) attacks have evolved, and are not only occurring more frequently but are Multi-Vector and comes in greater volumes and increased sophistication. Every year, attack mechanisms are growing more sophisticated to bypass existing firewalls, costing significant company revenue in IT resources and damaged brand recognition. Large distributed “botnet” networks of compromised “zombie” machines are used to simultaneously launch attacks using compliant protocols, saturating the victim with traffic volume that quickly grows to a massive scale. The victim’s network security services can become overwhelmed trying to inspect the intense volume of zombie traffic, or application servers can become exhausted trying to respond to the many botnet requests. Web Application Attacks- When cyber criminals and hacktivists aren’t busy taking down websites with DDoS attacks, they are launching web attacks like SQL injection, cross-site scripting (XSS) and cross-site request forgery (CSRF).

DNS Infrastructure- DNS servers have gained the dubious distinction of becoming a top attack target for two reasons. First, taking DNS servers offline is an easy way for attackers to keep thousands or millions of Internet subscribers from accessing the Internet. Second, attackers can exploit DNS servers to amplify DDoS attacks.

Traditional firewalls and security systems can’t keep up with the increasing onslaught of malicious encrypted traffic. To eliminate the blind spot in encrypted traffic within corporate defenses, organizations should provision solutions that can decrypt SSL traffic – both inbound traffic to corporate servers and outbound traffic from internal users to the Internet –and allow all security products that analyze network traffic to inspect encrypted data.

The enterprise’s data center assets can be secured by utilizing a high-performance ADC to accelerate and optimize the performance of data center applications while simultaneously performing advanced inspection for security without hampering network performance.

Hence, with the increasing number of connected devices, a holistic approach to security is required, keeping in mind the organizations’ business objectives.

Features to look for while buying a firewall

The explosion of mobile devices and apps—plus the move to SDN, NFV, and cloud—is driving the need for a new type of firewall that consolidates network security modules, SSL Insight, ADC and CGN in a reduced data center footprint. The firewalls of the future need to be high performance, have built-in SSL visibility, and handle ever-increasing data traffic.

The following features should be considered while purchasing a firewall:

Versatile- Cloud-ready with physical, virtual and cloud deployment options, with 100% RESTful API coverage to integrate with third-party management systems.

Performance- Exceptional high performance and scalability in a compact form factor, taking into consideration the organization’s future network requirements.

Management - Open and standards-based programmability, which offers rapid integration with management and orchestration systems, consistent policy enforcement and telemetry.

SSL Insight- Efficiency with single pass SSL decryption and SSL inspection for multiple devices, offering best-in-class decryption capabilities to enable security devices to process clear text traffic.