a look at present and future trends in network security,
the threats we are likely to see in the next five years
and what kind of new tools and technologies will emerge.
by Manoj Kunkalienkar
Security is not a new discipline; every year we see
research, technologies, products, laws, protocol, standards
etc emerging. Traditionally, Network Security has been
perceived as a hindrance for the adoption of technologies
in the enterprise, and this mindset is a complex issue
to overcome. To achieve a truly secure environment,
many layers of protection are required. As networks
have grown exponentially, so have the security threats
to the enterprise both internally and externally. Besides
the technological challenges, there is also the daunting
task of ensuring that all employees understand the threats
posed by non-adherence to set guidelines.
Enterprises today, in spite of understanding the implications
of security, fail to undertake fundamental exercises
like identifying their assets and connections or assessment
of basic vulnerability. Besides these issues, many organizations
lack an IT security policy and even in the more structured
organizations, which have policies, consistent enforcement
across the organization often remains an issue.
Security challenges can be categorized into:
The lack of training and resources to address the
first three problems
These security vulnerabilities have resulted in the
loss of business critical data in many organizations
impacting their bottom lines. The biggest challenge
lies in end-user awareness. Previously, security was
treated with indifference by the end-user. However,
today's users are better informed and receptive to security
threats and needs.
Although no technology in the world can eliminate all
security concerns, there have been improvements in several
key areas. Let us examine a few solutions available
for network security.
Firewalls: They are a highly trusted and time-tested
solution in the network security arena. At the most
rudimentary level, firewalls consist of software that
restricts access to internal networks from the public
networks/Internet. By setting up a firewall, legitimate
traffic such as e-mail is channeled to the mail server,
while intrusive programs like search engine spiders
or FTP clients cannot access internal networks within
the confines of the firewall.
Firewalls are an integral part of any organizational
network. Although firewalls can't make your network
impregnable, they do serve the function of masking your
presence from casual access/hacking. Firewalls also
offer some protection to users while venturing from
the internal network to the Internet. Firewalls act
as proxies while fetching Web pages, so the identity
and IP address of machines on the network are not revealed
to websites accessed, thus preventing hackers from learning
details about the structure of the network.
Virtual Private Network (VPN): VPN allows employees
access to company information and servers from external
access points. Though this provides tremendous freedom
and opportunities to employees to work from external
locations, VPN's also poses a significant security threat
to the entire corporate network. One of the problems
confronted by VPN is intermingling of company data with
personal information. Organizations must ensure that
the remote users adhere to a well-defined security policy
by deploying the right tools to restrict backdoor entry
into the company's network. This can be done by appropriately
configuring VPN access with patches, updated virus detection
tools and personal firewall. Strict security measures
need to be installed at the VPN server side and monitoring
of all inbound traffic from the VPN gateway is necessary.
Secure Network Compartments: Organizations are
increasingly creating and deploying secure network compartments,
which are zones of heightened security. These secure
virtual zones are then utilized for storage, management,
and manipulation of mission critical or confidential
information. The secure zone or network compartments
are separated from the backbone network through access
control devices like a filtering router or a small firewall.
Web Server Security: Intranets and extranets
are often constructed using Web servers to deliver information
to users in a now-familiar form. Username/password authentication
has long been used as a mechanism for restricting access
to websites. But because these character strings are
themselves passed as clear text, capable of being intercepted
and read with simple network management tools, basic
passwords do not adequately secure communications. A
significant improvement can be achieved by encrypting
communications between a browser and a server. The most
common way of doing this is to establish a secure connection
using a variation on HTTP and the Secure Sockets Layer
(SSL). Increasingly, commercial websites are using SSL
to guarantee the authenticity of the server and integrity
of the data delivered to website users. SSL also protects
visitors' responses to the interactive elements of the
site. SSL has become fundamental to the spread of Internet
commerce and is being used for an increasing range of
transactions across the Internet. However, by default
most SSL implementations in Web servers do not authenticate
the client Web browser.
Digital Certificates: Digital Certificates are
now a key part of contemporary Internet business initiatives.
When appropriately implemented, certificates can prove
to be a secure means of identification that can't be
repudiated, much like the signature on a contract. Digital
certificates can provide a sophisticated means of controlling
and monitoring access. The certificate acts as a token
for access control; the user must present it in order
to gain access. In many implementations this can be
done automatically, in some implementations the certificate
is stored on separate devices such as a smart card which
has to be presented to the local client to access the
Intrusion detection: Intrusion detection gained
impetus in 2001, as security experts called attention
to the fact that the most successful intruders are the
ones who escape casual surveillance. An example of an
interesting technology introduced to counter this problem,
was the 'honey pot,' a system that appears to be only
lightly secured upon initial inspection, but actually
cages the intruder in a secure area of the file system
and records his every move.
What does the future hold for network security? What
types of threats are we likely to see in the next five
years and what kind of new tools and technologies will
The new emerging tools for security managers and administrators
will facilitate deployment of security tools down to
a larger set of hosts, workstations, and network devices.
One such emerging technology is biometric security.
Although fingerprint recognition leads in this segment,
face and voice recognition are not far behind. In addition,
single sign-on technology, which allows users to browse
through network resources without entering several passwords,
is a powerful tool when combined with biometrics.
Together, these technologies allow organization to enforce
strong passwords on all systems managing data access
as per predefined rules.
On the infrastructure side, more complex DMZ and firewall
configurations will become the norm. Layering of controls
and analysis systems will become commonplace, as defense
mechanisms will have to counter new attacks and threats.
Greater attention will be paid to both the physical
and application layers in designing these new networks,
as attempts are made to isolate middleware and database
servers from assault.
With the start of another year, the time has come to
address the basic tasks you must undertake while ensuring
your organization's security.
These two top-priorities must be a part of your current
Security policy review
Auditing and testing of your security posture
The coming year is sure to be busy with new threats,
tools, and technologies. Your world is changing very
rapidly and your security posture has to change along
with it. So, at the beginning of the year, take a look
around you and ensure that you have covered your tracks.
The writer is Executive Director,