Securing the enterprise network
Increasing threat levels have led to greater expenditure
on safeguards. Today, advanced technology is available to the enterprise at
an affordable cost, say GAURAV PATRA & RAHUL NEEL MANI
In recent years we have seen e-business improve the
efficiency and financial health of companies. Applications such as e-commerce,
supply-chain management, and remote access allow companies to streamline their
work processes, reduce operating costs and improve customer experience. To do
all this companies rely on scalable networks carrying voice, video, and data
while supporting burgeoning users. There is a downside, however: this mega
network is vulnerable and security becomes an inseparable part of countering
threats to the enterprise network.
Is security spending down?
With the overall pressure on business, there has been
a lot of emphasis on cost reduction. One of the direct impacts of this has been
on IT budgets, which have been slashed significantly over the last few years.
With very limited IT budgets for CIOs, IT security is of secondary priority.
Spending on new application development, maintenance and hardware upgrades takes
priority. Hence IS security budgets are shrinking, says Manoj Kunkalienkar,
executive director & president, ICICI Infotech. The fact is that the ongoing
slowdown has forced organisations to prune their IT budgets. Since most
IS security budgets are a percentage of the IT budget, any depletion in the
IT budget routinely results in the IS security budget shrinking. However, a
reduced IS security budget is in no way reflective of any alleviation in the
security concerns that are faced by the enterprise, says Felix Mohan,
CEO, Secure Synergy.
However, Swapan Johri, global practice director &
division head, e-secure, HCL Comnet, feels otherwise. "Globally, there
is a reduction in technology spending, but in India we have not come across
this. The market is growing, both in products and services," he says. Agrees
Neel Ratan, executive director, PricewaterhouseCoopers, In the last two
years, spending on security has gone up. Companies are investing more on devices
like firewalls, intrusion detection systems (IDS) and virus protection tools.
P K Jain, managing director, Lanner India, concurs. "Security budgets are
not shrinking. With growing realisation and concerns about the security of the
network and data, both external and internal, security investments are heading
north," he says. Agrees Deepak Prasad, director, Rainbow Information Technologies,
Organisations are investing in understanding and setting up secure infrastructure
for their business needs. The recent spate of terrorist and virus attacks
has led to an increased awareness of security and hence some selective investments
are being made.
Where the money goes
With a large number of users opting for mobile computing,
it is critical to ensure appropriate desktop security solutions. Personal firewalls,
VPNs for mobile users and desktop anti-virus solutions are some key components
in providing a reasonable amount of security. Digital certificates are being
used to secure data. In addition to physical security measures, typical desktop
security encompasses authentication (Kerberos), authentication hardware (smart
cards), hard disk or file encryption software, personal firewalls, anti-virus,
vulnerability scanners, spyware protection and file system integrity protection
(tripwire) for the desktop.
Companies today want to connect all their remote offices
or warehouses. Most have opened their networks for connecting their offices,
warehouses, clients, and suppliers. This has led to investments in firewalls
and intrusion detection systems. Experts opine that network security monitoring
shall also emerge as a popular choice in the near future. Typical network security
encompasses IDS, network protocol analysers, network firewalls (deployed for
network compartmentalisation) and network-based patch updating software.
At the perimeter, organisations have realised that
they need more than one firewall to secure their networks, and the myth that
one firewall can secure your organisation against all possible attacks is being
challenged. Hardware-based firewalls are gaining ground as they offer superior
performance. Organisations have started to deploy firewalls to monitor internal
traffic, as it is a major cause of security breaches. Perimeter security would
normally encompass perimeter firewalls, gateway IPS, gateway anti-virus protection,
gateway content scanning and anti-spam protection, perimeter vulnerability scanners,
and remote access protection solutions.
IT security requires a layered approach. A number of
products are part of a company's security infrastructure. Even though one
can have a comprehensive security roadmap, it is difficult to have comprehensive
security once and for all, as security is an ongoing process. That's why
it is not advisable to have a comprehensive security set-up. Going in
for a comprehensive security solution is not the best option. In fact, no comprehensive
solution is available that can take care of the entire security set-up,
says Vishak Raman, technical sales manager, India, WatchGuard.
Securing remote access
Advanced technology is now available to enterprises
at an affordable cost. There are a few upcoming technologies that merit a look
as they break the legacy of contemporary CIA (confidentiality, integrity, availability)
safeguards. An enterprise with offices across different locations will want
to secure remote access. Basically, this is done through three options: firewall,
IDS, and Virtual Private Network (VPN).
VPN, in particular, has become the answer for bringing
down connectivity charges. Security standards that operate on VPNs have improved
immensely in the last few years. Advanced authentication and encryption standards
have enabled enterprises to extensively use the technology for regular operations.
VPNs also provide varied deployment topologies that let both static (desktop)
and mobile users gain fast access to the central network.
Enterprises running online businesses need to monitor
their networks around the clock. This is where IDSes that help prevent malicious
attacks have come into the limelight. Intrusion prevention systems (IPS) have
deployed to monitor critical facilities. These devices run on rule bases that
contain an extensive list of known attacks.
IDSes till recently were not inline. They were offline,
resulting in latency. Now IDS is more or less inline. Instead of doing
just signature updates users will be carrying out anonymous behaviour detection
by using IDS, says Johri. The distinction between firewalls and IDS has
also started to blur. Firewalls earlier could only detect the headers of the
packet, not the content part. Now the IDS, which has evolved into the intrusion
prevention system (IPS), has packet inspection capability. Once that happens,
effectively it will play a role of a firewall as well, says Mohan. Experts
also opine that the adoption of IDSes with an anomaly detection system (ADS)
will increase.
Software-based firewalls are being replaced by appliance
firewalls, due to inherent limitations. WatchGuard, a major company promoting
appliance-based firewalls, is scoring over Cisco PIX and CheckPoint here. However,
in the days to come one expects to see firewalls with deep inspection technology
along with powerful proxy and netting policies.
Companies like Symantec, Cisco and Network Associates
have started talking of a one-box solution for the complete security
needs of an enterprise. "Because of budgets, smaller enterprises will go
for a single box solution with firewall, IDS and VPN in one box," says
Avinash Purvar, business development manager, India & SAARC, Cisco Systems.
However, we should not forget that IT security requires a number of products
in various layers of a company's security infrastructure. It is difficult
to have a one-box solution because security needs at various layers are different.
Going in for a one-box type security solution is not very
feasible. In fact, there are hardly any comprehensive solutions available that
can look after the entire security set-up, says Raman.
Only 69 percent of Indian companies, which responded
to the CII-PwC IS Security Survey last year, were using firewalls whereas 91
percent of them were connected to the Internet. One can imagine the level of risk
they are running. Despite knowing that IDS and VA (Vulnerability Assessment)
tools can enhance the level of IS security, only 21 percent and 8 percent of companies
in the survey were making use of these tools respectively. On the brighter side,
the use of VPN for end-to-end authentication and encryption of network traffic
was shown to be on the rise and will grow this year. The result of this survey
talks about opportunities in the Indian market, a good reason for vendors to
be more proactive and come out with better and cheaper technology options for
the enterprise.
rahul@expresscomputeronline.com
gaurav@expresscomputeronline.com
- Deep packet inspection firewalls that provide stateful inspection
of transactions at near wire-speeds in the network and application
layer, obviating problems such as the port 80 vulnerability faced
by traditional firewalls.
- Intrusion prevention systems that prevent both known and unknown
intrusions and denial of service attacks through signature matching,
anomaly detection and behaviour blocking techniques.
- Hardware-based security platforms are also evolving. These integrate
various best-of-breed security solutions (firewall, IDS, vulnerability
assessment, gateway anti-virus, anti-spam, content scanning), reducing
total cost of ownership and providing better managed perimeter security.
VPN
- Organisations will continue to deploy
or enhance VPN architecture to support mobile workers and exploit
the Internet.
- Trusted third parties will provide key
management support to VPN users.
- VPN applications will become available
for both the enterprise and the user side of VPN.
Firewall
- The proliferation of small and midsize
enterprises connecting to the Internet will create a market for firewall
appliances that will grow.
- Firewall products will incorporate functionality
such as authentication services and content filtering facilities as
suppliers continue to add value to their products.
IDS
- Hybrid IDSes will become more common
than systems based on either anomaly or misuse detection. Similarly,
hybrid systems will encompass both host and network-based products.
- Aided by VA products, new services will
be offered to test IDS configurations in an organisation.
Source: PwC India IS Security Survey 2002-03