Enterprises have been reaping the benefits of data-centre server centralization. With lower total-cost-of-ownership, more efficient use of resources, faster deployment of new applications and speedier fault resolution, data-centres are the cornerstone of distributed business networking everywhere. Yet, this new arrangement of servers and databases means a single point of attack for miscreants seeking unauthorized access to sensitive information or the means to hold the network hostage with denial-of-service attacks.
Besides the usual daily onslaught of viruses, Trojans and other malware, enterprise data-centres are also highly susceptible to targeted network threats including intrusion and denial-of-service attacks. While mischievous hackers might be satisfied with defacing a Website, today’s criminals are after financial gain and thus are more dangerously motivated. News reports in just the past year have highlighted many cases of stolen financial information and personally-identifiable information. A large number of these breaches have been at large, reputable companies. In fact, the Privacy Rights Clearinghouse (www.privacyrights.org) states: “Over 88 million data records of U.S. residents have been exposed due to security breaches since February 2005.” The global figure is possibly many times larger.
The popularity of Web-based applications has also opened a new channel of attack: the Web server. Security Focus’s BUGTRAQ mailing list, which tracks programming flaws for products so that developers can patch vulnerabilities, noted that more than two-thirds of security exploits reported in 2005 were Web-based. The problem here is that attackers now move so quickly that if patches are not issued immediately, large numbers of machines can be rapidly compromised. For example, the “Zotob” virus was released into the wild just five days after Microsoft identified and announced an exploit. The lag time for “zero-day exploits” to bring data centres to their knees will only get shorter.
Data-centre administrators have been deploying virtual sandbags to head off the increasingly varied and numerous threats. While firewall solutions, especially with advanced security features such as deep packet inspection, form a first line of defence, the sophistication of modern-day attacks demands a sophisticated response. That’s why administrators have also been implementing intrusion detection and prevention (IDP) systems, which bolster the firewalls’ ability to block unauthorized traffic. When an attack penetrates the firewall perimeter, IDP systems are able to scan and identify anomalies within the network and, where justified, arrest them.
An IDP system can be quickly and confidently deployed inline to effectively identify and stop network and application-level attacks before they inflict any damage, minimizing the time and costs associated with intrusions. An IDP solution also provides information on rogue servers and applications that may have been unknowingly added to the network, providing administrators with visibility into specific applications and assets that are present on the network and how, when, and by whom they are being used.
Data-centre administrators can also opt for added flexibility with an IDP solution (for example, Juniper Networks’ ISG) which integrates Intrusion Prevention with proven firewall and IPSec VPN technology to deliver scalable network and application level security. This enables safe, authorized connectivity to the data-centre’s mission-critical organizational resources, including essential data and business applications, anywhere in the distributed organization.
IDP solutions make it possible for organizations to confidently centralise their data centres despite the increasing size, variety and frequency of threats. By ensuring data-centre build-outs are balanced with disciplined, comprehensive security plans comprising high quality firewall, IDP, and remote access measures, your business can benefit from more efficient resource usage, while keeping strong protection against the new wave of virtual crooks.
Andy Miller is Juniper Networks' vice president for enterprise sales in Asia Pacific. He is responsible for leading Juniper's enterprise strategy and execution in the theatre, managing the company's regional direct-touch sales force to develop growth in the enterprise, government, and academic sectors.