Originally published on December 14, 2016
This is the FINAL post of a three-part Blog series on Network Security
Protecting the Future: Advanced Threat Protection
Since computer technology became widely available, especially with the introduction of affordable personal computing platforms and openly available computer training, people have used software to target systems and networks to damage, steal, or deny access to data. Modern and future challenges, known as Advanced Persistent Threats (APTs), bring more sophisticated malware and attack vectors, and greater perseverance in the offensives they mount against their targets.
Just as an APT uses multiple attack layers and vectors to enhance its chances of success, network security administrators must also design and implement a multi-layered defense to protect against these threats. It is critical to understand that no single network security feature will stop an APT. A simplified three-step approach to how security measures address APTs appears below.
Figure 6. The Advanced Threat Protection “Three Step Approach”
In order to protect against modern and emerging future threats, adaptive defense tools like ATP are being incorporated into network security infrastructures at an increasing pace. Advanced Threat Protection (ATP) provides the capability to detect and prevent advanced attacks that may bypass traditional network defenses by enabling threat sharing, analysis and mitigation across endpoints, e-mail, the Web, and the network—including the capability for extensions that provide secure wireless access. This level of protection provides increased security across all network sizes from SMB to large enterprises. Critical capabilities brought to bear by ATP include access control, threat prevention, threat detection, incident response, and continuous monitoring:
Access Control. Layer 2/3 firewall, vulnerability management, two-factor authentication.
Threat Prevention. Intrusion Prevention (IPS), application control, Web filtering, email filtering, antimalware.
Threat Detection. “Sandboxing,” botnet detection, client reputation, network behavior analysis.
Incident Response. Consolidated logs & reports, professional services, user/device quarantine, threat prevention updates.
Continuous Monitoring. Real-time activity views, security reporting, threat intelligence.
Figure 7. The Advanced Threat Protection Cycle
Challenges to network security extend beyond the office and the company or organization’s systems. With the increased prevalence of employees who bring their own device (BYOD) for use in the workplace, mobile platforms, interfaces with outside users’ systems and devices, and working in WiFi and cloud environments, it is imperative that business leaders understand that network security is a concern at work, at home, and when mobile. These practices may bring a confluence of professional and personal data into the company network—making it important to continue company network security practices even outside the office.
In today’s technology-enabled marketplace, along with the increased mobility of IT platforms, continuing evolution of IT security is necessary to counter modern and future threats. Because virtually every business today must consider itself dependent on technology, attacks may cause greater damage than before. It may not be an external threat that breaches the network; the inadvertent actions of a careless employee may do equal damage to the company’s security and operations. Because IT security, or the lack of it, plays a key role in a company’s ability to gain return on investment (ROI), network security must be a fundamental component of a company’s operational and financial planning processes, and what worked last year, or last month, may not be the most effective security platform or process for the future.
Join me next week for a new Blog series on Cultivating Your Professional Network
Network security certification training is a core competency of Dynamic Worldwide Training Consultants, offering training through internationally-recognized names such as EC-Council, Juniper Networks, and Fortinet Network Security. Check certification program and course offerings at http://www.DWWTC.com or call for a free, no-obligation consultation with a Dynamic Worldwide Training Consultants advisor.
Figures 6 & 7 adapted from Fortinet, Inc. Network Security Expert – Level 1 curriculum. Dynamic Worldwide Training Consultants is a Fortinet Premier Authorized Training Center.