|
Security: now and always
Vishak Raman, Country Manager, Fortinet India, on
emerging trends with regard to the security landscape of an enterprise.
Vishak Raman |
Raman presented his views on security in today’s context.
“Your business is changing,” he said.
He talked about the various IT infrastructure challenges in
the Indian context such as security threats & network management, application
performance management, LAN / WAN links optimisation, hardware / server maintenance
& management, IT policies, processes and people management.
With regard to enterprise infrastructure security concerns, he said, “The
common questions in the minds of Indian CIOs pertain to the current level of
security, the need for a single window or dashboard, from where you can find
out about an attacker, his motive and whether he succeeded or not.” Other
concerns that Raman pointed out were whether new threats would call for new
platforms and the outsource vs. in-source decision.
|
The common questions in the minds
of Indian CIOs pertain to the current level of security, the need for
a single window or dashboard, from where you can find out about an attacker,
his motive and whether he succeeded or not
|
He highlighted several performance issues with respect to security that may
concern CIOs. For instance, most CIOs are skeptical as to how network performance
will be affected if they turn on security functions. “Questions like does
it slow down our WAN and what is the user experience on applications, mail,
Web and what is the uptime guarantee concern every CIO,” he pointed out.
Raman believes that security has evolved to the extent that it confers a competitive
advantage. He made an observation that security is imperative and that it provides
an edge in industries such as IT and ITeS, however, the question was whether
it mattered in other sectors.
If the topic of competitive advantage has been spoken about, one cannot disregard
issues such as mobile workforce, new business tools, and compliance requirements.
Raman felt that e-mail, Web, and VoIP are mission-critical applications. Speaking
on the evolution of the applications, Raman gave examples of IM with VoIP, e-mail
& Web plug-in, new P2P applications and patches for existing applications.
The obvious effect of business changes is the evolving threat landscape. “The
motive of the attacks have changed,” he said. Raman opined that the intent
of the attacker was to gain fame although the motivation was criminal. “Cyber
crime economics are too compelling to subside,” he said. It is not hard
to understand that malicious threats will lead to data losses, identify theft,
corporate espionage, business downtime, bad publicity and regulatory fines.
Another interesting point made was about challenges such as performance and
outbreak containment faced by large enterprises during core deployment.
| Security Problems |
Solutions |
| Viruses / Trojans / Worms |
AV Gateway, AV Host or Server Software |
| Intrusions |
Inline IPS |
| Denial of Service |
Firewall or IPS |
| Spam |
Anti-Spam appliance |
| Banned Web content |
URL filtering software or appliance |
| Spyware |
Anti-spyware software |
| Phishing / Pharming |
URL filtering software or appliance and anti-spam
systems |
| Keyloggers / Malware / Rootkits / BOT Networks /Mobile
Threats |
Hide from existing anti-virus applications |
| Blended Threats “New Industry Problem” |
Content security appliances |
|
