Network Critical - The Window to your Network

Recipe for Disaster (or Not)

Well, we closed out 2015 with two final high profile hacks. Hello Kitty had a security leak that compromised over a million customers’ personal data. Hyatt hotels also had a breach that compromised millions of records. These brands depend on the trust of their customers. When that trust is violated, the damage can be severe and long term. Lax network security and lack of information control can be a recipe for disaster. So, after two final cases of corporate holiday indigestion, we thought we would throw out a sweet recipe for fraud protection in the coming year.

Of course, we need to start with firewall and Intrusion Prevention System to prevent attacks from the outside. Next is to mix in a Database Monitoring System to monitor, protect and log all access to sensitive data. Going further, Data Loss Prevention systems can help restrict access and dissemination of sensitive information only to authorized and authenticated persons. Finally, blend in devices such as Security Information and Event Management (SIEM) systems and other data monitoring and analysis devices.

The frosting on this security concoction is comprehensive network access plan to connect these protective appliances to network links. IDS/IPS, DLP, SIEM and other monitoring appliances need access to data flows. No single appliance can accomplish all the analysis, security and compliance functions necessary in today’s networks. Connecting numerous appliances directly on every link, however, is expensive and may have a negative impact on network delay and availability. Fortunately there are taps and packet broker products that can aggregate links and evenly distribute information to multiple appliances looking at different data streams and performing a variety of functions.

A comprehensive and strategic access plan for security and monitoring appliances can help strengthen network security and reduce both CAPEX and OPEX. By aggregating many low speed links into fewer high speed security appliances, packet brokers can achieve cost savings in the range of 2:1 up to 10:1 on security appliance port costs. Conversely, as networks upgrade link speeds, these smart packet brokers can also distribute packets from high speed core links among many lower speed appliances. This allows continued use of existing security appliances extending the useful life of installed equipment.

Further, specialized software in some packet brokers offers a simple way to distribute packets to security appliances. By managing the complicated algorithms in the background, this specialized software can quickly and accurately map links and create and apply filters. Configuration and management can be done in a fraction of the time with greater accuracy than manual GUIs. Rule Optimization software can save up to 70% of system rule resources.

In 2016, more IT departments will be using intelligent network access practices to connect security and monitoring appliances. Database theft, often called a recipe for disaster, can be become chocolate cupcakes for companies that plan and invest in complete and robust network protection. After all, customer trust is like a chocolate cupcake, it is great to have it but when it is gone, it is gone for good.

Posted: 14/01/2016 14:22:57 by Global Administrator with 0 comments
Trackback URL:


Blog post currently doesn't have any comments.