On the software side, it means provisioning network access and permissions. Not every user should have super-admin privileges that give them root access to the network. Depending on their role in the organisation, people, devices and applications should be given the ability to see and access only the parts of the network that they need.
2. DNS firewalls to close the gap left uncovered by traditional security solutions
DNS firewalls give enterprise networks the ability to block DNS queries going to known bad domains -- or to restrict DNS queries (driven by malware or legitimate users) to approved domains.
In addition to blocking bad queries, the DNS firewall should be integrated with DHCP to capture and correlate the IP address and related metadata (including device type and when it accessed the network) of the devices. These technologies enable administrators to pinpoint and remediate compromised devices on the network.
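The correlation described above, as an added example (not code from the article or from any product): constructed DNS firewall block events are matched to the DHCP lease that held the client IP at query time, so a block is attributed to a device rather than to an address that may since have been reassigned. All addresses, MACs, domains and record layouts here are assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample data (not from any real network).
# DHCP leases: (ip, mac, device_type, lease_start, lease_end)
LEASES = [
    ("10.0.5.23", "aa:bb:cc:00:00:01", "windows-laptop", "2024-05-01T08:00:00", "2024-05-01T12:00:00"),
    ("10.0.5.23", "aa:bb:cc:00:00:02", "ip-camera",      "2024-05-01T12:30:00", "2024-05-01T20:30:00"),
    ("10.0.5.40", "aa:bb:cc:00:00:03", "android-phone",  "2024-05-01T09:00:00", "2024-05-01T17:00:00"),
]
# DNS firewall block events: (timestamp, client_ip, blocked_domain)
BLOCKS = [
    ("2024-05-01T09:15:00", "10.0.5.23", "bad-domain.example"),
    ("2024-05-01T13:05:00", "10.0.5.23", "c2.example"),
    ("2024-05-01T13:06:00", "10.0.5.23", "c2.example"),
    ("2024-05-01T21:00:00", "10.0.5.40", "bad-domain.example"),
]

def parse_ts(s):
    return datetime.fromisoformat(s)

def find_lease(ip, when, leases):
    """Return (mac, device_type) for the lease that held `ip` at `when`, or None."""
    for lease_ip, mac, dev, start, end in leases:
        if lease_ip == ip and parse_ts(start) <= when < parse_ts(end):
            return mac, dev
    return None

def correlate(blocks, leases):
    """Group blocked queries by the device (MAC) that issued them."""
    by_device = defaultdict(lambda: {"device_type": None, "domains": defaultdict(int)})
    unattributed = []
    for ts, ip, domain in blocks:
        hit = find_lease(ip, parse_ts(ts), leases)
        if hit is None:
            # No active lease: static address, expired lease or a gap in DHCP logging.
            unattributed.append((ts, ip, domain))
            continue
        mac, dev = hit
        by_device[mac]["device_type"] = dev
        by_device[mac]["domains"][domain] += 1
    return by_device, unattributed

if __name__ == "__main__":
    devices, orphans = correlate(BLOCKS, LEASES)
    for mac, info in devices.items():
        print(mac, info["device_type"], dict(info["domains"]))
    print("unattributed:", orphans)
```

The same IP, 10.0.5.23, resolves to two different devices depending on when the query was blocked, which is why the lease window, not the address alone, has to drive the lookup.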
3. Greater network visibility into the devices and users connected to an enterprise network
Managing IP addresses and network policies via spreadsheet is not a scalable solution for modern enterprise networks. Integrated, automated network management applications built into the network infrastructure are essential to tracking changes and capturing valuable security information.
IT practitioners need to know what the change was, who made it, and when. If the change violates network policies or opens a security hole, they need to be alerted -- via email and/or in the appliance's user interface -- so admins can take prompt remedial action.
4. Comprehensive, cross-vendor network management tools that provide "single pane of glass" reporting and flagging of security policy across the entire network
The key to effective network management is being able to see everything in one place -- no matter what vendors' products are involved. A "single-pane view" is essential to making sure that devices don't fall through the cracks and security vulnerabilities can't hide in the blind spots between single-vendor management tools.
Network administrators also need to be able to monitor all of the network access rules and policies 24/7 to properly understand the relationships between the devices on the network.
5. Security device management technology that can spot unplanned events or provisioning errors before they affect a production network
Finally, IT practitioners need the ability to model their proposed network changes, so that they can see what's going to happen before the changes are deployed to production. Ideally, changes should be tested and then scheduled to go live at a specified time, but only after receiving the proper approvals.
New threats and challenges call for a new approach to network security
Enterprise IT security threats continue to become more targeted and more dangerous, security challenges are getting even more complex, and the costs of security failures keep going up. Business as usual can no longer protect enterprise networks against these threats -- much less what's coming tomorrow.