printer friendly version

Network threats are evolving

To protect against the increasing sophistication of network security threats, enterprises must work diligently to adopt a comprehensive security solution.

Enterprise LAN and security professionals face many conflicting pressures in today’s environment. These pressures include:

* Providing organisational compliance.

* Reaching IT cost reduction targets.

* Protecting existing investments in infrastructure and security.

* Limiting business disruptions.

Meeting all of these objectives simultaneously challenges even the most adept organisations. To further challenge today’s IT and security leaders, they must approach these objectives using a risk management framework that recognises the variability of risk within the business and assigns cost-appropriate protection.

Conflicting priorities are not the only issues customers face. The macro security environment is also undergoing significant changes. As organisations deploy Web-based applications that enable work to be done anywhere, anytime, and anyplace, they increase their threat exposure. The traditional corporate perimeter has eroded and threats from internal employees have increased. Lastly, even hackers have evolved from amateurs looking to make mischief to professionals looking to profit at an organisation’s expense.

Today, network threats include viruses, worms and Trojan horses and can also include attacks introduced through internal sabotage as well as from outside forces. While there are improvements in overall organisation security, many attacks are targeted and are geared for financial gain rather than notoriety.

Statistics support the notion that network attacks are widespread and costly. According to the 2008 CSI Computer Crime and Security Survey (which included US corporations, government agencies, financial institutions, medical institutions and universities), more than half of the organisations surveyed experienced computer security incidents which include insider abuse and financial fraud during the previous year. The average annual loss reported averaged around R2 000 000.

While the severity and kinds of threats continue to multiply, corporate security experts are burdened with additional challenges, including the need to deploy wireless networks, support mobile workforces, provide shared network access and demonstrate compliance with government regulations. Despite the number of security measures that are deployed, organisations are compromised.

Penetration rates for security products, especially for products like anti-viruses and firewalls are extremely high. The 2008 CSI Computer Crime and Security Survey reveals that 97% use anti-virus software, 94% use firewalls and 85% use VPNs.

In earlier times, erecting a firewall and implementing virus protection might have been considered a sufficient approach to network security. History, however, has shown otherwise. There are a number of vectors of attack including those bringing threats into the company’s network knowingly and unknowingly. Companies may be unaware of the internal potential for computer security incidents. Organisations today need a network security approach that is comprehensive, multilayered and manageable. HP ProCurve Networking offers the HP ProCurve ProActive Defense strategy – a framework and tools for handling network security that puts an unprecedented level of control in the hands of network administrators.

The HP ProCurve ProActive Defense strategy recognises an organisation’s need for a complete network security strategy – one that integrates with the organisation’s existing IT infrastructure, enforces internal controls, and reports security activities for auditing and forensics purposes. ProActive Defense returns control to businesses by allowing them to secure their networks, while at the same time enabling easy access by authorised users to the information and resources they need to perform their jobs.

Control to the edge of the network means that intelligent security – the ability for the network to respond and react – is located at the edge of the network, where users and resources connect. With security enforced at the edge – as close to users, applications or devices as possible – administrators can better secure the network against threats, regardless of the source.

Share this article:

Further reading: