Page 52 - index
P. 52
%3 /%" &.*5/ "*+0$%
According to an Online Trust Alliance (OTA) report released in January 2014, last year broke
records in terms of volume of cybercriminal activity. From stolen social media passwords and
credit card data, to a breach at the Federal Reserve nearing 740 million exposed records,
businesses suffered and customers lost millions of dollars. However, the OTA also reported that
89 percent of those attacks could have been avoided had security better practices been
implemented on top of more traditional security plans such as next-generation firewalls.
These commonly used security measures attack threats as they are approaching, but are still
lacking in full protection as threats are still able to bypass networks. Because of this, IT faces
challenges as most organizations use next-generation firewalls as its only network security
protection. We will explore why next-generation firewalls are not enough to fully secure
networks by providing an overview on what it does and what it fails to do in order to provide
protection.
Next-generation firewalls are a threat-based approach in detecting and blocking attacks by
implementing security policies at the application level, as well as at the port and protocol level.
They only stop attacks as they come in, and in some cases, this might mean it is too late to stop
the attack.
Since a threat-based approach is only effective if potential attacks can be clearly understood,
this effectively creates a big blind spot for the IT department. As a result, IT is unable to
adequately address attacks, if they are unknown or undefined. This is why a next-generation
firewall is not enough to sufficiently protect a network.
By adding another layer of security technology to a next-generation firewall plan, IT could
strengthen its network and address advanced threats that next-generation firewalls are unable
to detect and thwart in time. In order to achieve this, IT would need to implement a solution that
catches suspicious behavior that isn’t yet categorized or picked up as a “threat” to attack.
If IT is to eliminate this lack of visibility and provide better security measures, organizations
should look to combine best practices with built-in intelligence as an added layer to its existing
next-generation firewall solution, otherwise known as an intelligent next-generation firewall.
A few benefits of implementing an intelligent next-generation firewall include:
Functionality – With proactive monitoring, enterprises can ensure far fewer service
interruptions, and if the health of the network should change, then administrators are
immediately notified to take action.
Data collection – In addition to real-time threat monitoring, ongoing data collection and
statistical analysis enables enterprises to quickly detect abnormal network and
application traffic behavioral patterns sooner.
I25B /1B>9>7C &171J9>5 M +5@D5=25B 49D9?>
?@IB978D K I25B 565>C5 &171J9>5 << B978DC B5C5BF54 G?B<4G945
