Combining Network and Perimeter Security to Mitigate Attack Risks
Data security used to be relatively simple. Office buildings and areas within them presented clear “perimeters” that companies could protect with locks, alarms, and if necessary, searches of belongings. “External endpoints” that needed protection amounted to briefcases that employees might lose. With the rise of computing and data stored on corporate servers and PCs, firewalls emerged to protect the network, and various methods prevented information from leaving the company on disks. Today, however, perimeter protection is vastly more complicated, and corporate data is accessible by an array of endpoints – laptops, tablets and smartphones – that represent an ever-changing perimeter with ever-evolving risks of serious data breaches. As a result, protecting data now requires a dual approach to security: traditional “inside” network security to protect data on servers, and “outside” perimeter security to prevent the use of endpoints to circumvent network security.
According to a recent Dell Global Security Survey, mobility, cloud computing and the Internet of Things are introducing a slew of new risks, and there’s a rise in accidental and malicious internal breaches. The survey also found that 76 percent of IT leaders polled (93 percent in the U.S.) agreed that combating today’s threats requires companies to protect their entire perimeter – inside and outside the organization – by increasing network and endpoint security.
While most companies already understand the need for a robust firewall to protect data on corporate file systems, many don’t yet know what it takes to protect endpoints and data during transmission. The most effective way is with a highly coordinated, holistic security plan using multiple, integrated tools that can adapt to evolving threats, changing business requirements and specific company risk profiles.
Amerijet International, an airline with presence in Latin America and the Caribbean, and Cresa, a corporate real-estate company, have successfully implemented such programs to protect data and lower the risk of breaches.
Amerijet carries more than 200 million pounds of freight annually to over 550 destinations worldwide. The company recognized that supporting its growth would require upgrading existing technology systems to provide maximum availability for critical applications. Using a holistic approach, Amerijet deployed the following capabilities.
By installing a next-generation firewall and centralizing firewall management, the company gained visibility into the application layer across the entire firewall. Previously, Amerijet had to configure each firewall device separately. Now the company can configure its entire environment from a single application.A separate firewall for the airline’s virtual private network ensures safe connectivity for remote workers at nearly 100 global locations.
In addition to the firewalls, a sophisticated systems management appliance with multiple, integrated capabilitiesprovides tightly integrated intrusion detection and prevention, sophisticated malware protection as well as powerful application intelligence, control and visualization. The integration of these tools makes it far easier to provide visibility across multiple threat vectors. The appliance also provides high-speed deep packet inspection, enabling IT to analyze traffic, detect problems and quickly resolve issues – all without having to compromise performance. Finally, the appliance includes streamlined software inventory as well as distribution and patching to automate maintenance of endpoints and eliminate vulnerabilities associated with old and unpatched software.
Amerijet now has a combination of network protection and endpoint security, providing a strong inside and outside defense for vital systems. A key benefit of this multi-pronged approach is centralizing management of the entire environment to reduce complexity and increase efficiency. During a recent security audit, the company exhibited its newfound prowess, identifying a potential security issue within five minutes and addressing it immediately.
Cresa, an international commercial real estate brokerage based in Boston, offers a range of services, including strategic planning, transaction management, facilities management, workforce and location planning and lease administration. The company has more than 55 locations in North America with more than 100 additional locations worldwide.
A critical part of Cresa’s business is protecting client data. With government contractors as clients, the company needs to pass all security audits. Equally important, in the event of a security breach, Cresa would have to notify clients regarding possible data loss, causing significant damage to its reputation. To limit the possibility of security breaches and data loss, the company focused on deploying a solution for protecting its multitude of endpoints. Automating processes for updating software and deploying patches also was high on the company’s to-do list. IT needed to ensure users were running the latest versions of software, especially regarding anti-virus. Unfortunately, Cresa could not centrally manage the hodgepodge of endpoint systems, so IT could not automatically determine who didn’t have the latest and most secure software versions.
Like Amerijet, Cresa opted to deploy a systems management appliance that automates software distribution and patching as well as device discovery and inventory. This solution provides visibility into – and complete control over – the software environment, so administrators can easily see what software version is running on each system. It also provides security audit enforcement and reporting. The solution integrates with the company’s remote support tool and features a built-in service desk, which enables IT to easily manage about 1,000 user endpoint desktops or laptops.
With these tools and capabilities in place, Cresa can confidently protect client data and pass any required security audit. In addition, full automation of software distribution and patch management has reduced management time by more than 160 hours per year, letting administrators focus instead on more strategic initiatives.
In today’s highly distributed network environment, a corporate firewall simply isn’t enough. Only by deploying and centralizing the management of firewall, endpoint and data transmission protection can organizations gain the visibility and capabilities needed to protect data, thwart breaches and prevent leaks.