As with everything else in life: so many network security options, so little budget. How do you know which one will best protect your network, users and devices? No need to agonize over endless hours of research, we’ve shortlisted the five critical elements of cyber security: firewalls, NAC, anti-virus software, proxy servers, and endpoint security.
Filtering out malware that might otherwise bury itself so deeply into the network that it cannot be removed is a pure gain for your network security. That is what a firewall is for. How can you be sure you have a firewall suited to your network? Test it for stability under tough traffic conditions. According to NSS Labs you should subject your firewall to traffic from several protocol randomizers and mutation tools. And at a maximum of 350Mbps and 60,000 packets per second. Another test is to see if your firewall blocks a constant stream of attacks over time, while allowing most of the legitimate traffic and alerting the admin to the attack.
On the downside, employees pressured to get their jobs done, might turn a firewall off as if it slows down their computers. Only regular employee training and raising awareness to the importance of the firewall will help here.
Network Access Control
Network Access Control (NAC – sometimes AKA Network Administration Control), provides visibility and control for any user and any device in the corporate network. Utilizing its agentless technology, it can detect and profile any device on the corporate network in real time across all network layers; wired and wireless network, VPN, Virtual and Cloud.
It also employs an access-control policy that matches users and permissions. This policy also defines endpoint security via wired or wireless networks. NAC enables you to set a policy for every user or group of users. This means that once a NAC solution is deployed, your cyber security team have a much easier time controlling access to the network (denying access if necessary), thus protecting it. Some of the NAC solutions are deployed in a central location (on premise / cloud) and can see all of the network locations – whether headquarter or a remote branch.
The 802.1x NAC protocol is not always the most viable option. Next generation NAC sets out to resolve all the issues that have made NAC deployment complex. With NG-NAC, you control who accesses the network and what activities they can take once they have entered it. NG-NAC also copes with smartphones and IoT devices by separating them for core components/ layers of the network. Cloud based solutions such as Portnox CLEAR, make deployment even simpler as they easily integrate with other existing security solutions and offer pre set-up infrastructure for easy deployment. Portnox CLEAR also delivers continuous risk monitoring as well as Risk Adaptive Access over the VPN utilizing its two factor authentication approach, enabling access not only by the user strong identity but also based on the device risk score when accessing through VPN.
The best “anti-virus program” is to get network users to be aware of how easily viruses can attack their computers, laptops and smartphones every day. Employees tend to remove the anti-virus applications from their devices because they often consume a lot of resources during scans. After the firewall, the anti-virus software is the second level of protection, detecting malware on the hard drive. A good anti-virus software should also protect your network from viruses, spam, spyware, Trojan worms and identity theft. Automated updates are essential for optimal protection.
Deciding what you want to use a proxy server for is the first step of the equation.
Will it be used solely for the purpose of forwarding requests for internet access, or also as a replacement for IP addresses? Proxy servers can thus save expenses of providing routable addresses to access many systems. In this mode they also obscure the location of the client but it is still advised to use a firewall.
Proxy servers can also increase performance by acting as caching servers. But look out! The high quality of the cache system might well mean that your secured data is being viewed by the proxy service provider. You can place filters and anti-virus programs on the proxy. This is however not foolproof as not all data is scanned. A proxy server can simplify access to blocked websites. This however is not always good news. Hackers create proxies to achieve high level access to networks, using them for repeated attacks.
Endpoint Device Security
Endpoint devices come in all shapes and sizes and are probably today’s biggest security loophole. For example, no security application is known to completely stop someone from attaching a USB drive to a computer (and stealing confidential data in large volumes). Endpoint devices are also used to initiate a malware attack.
Securing the endpoint devices directly is usually limited to a specific device and sometimes to a specific version (no updates for more advanced devices). Unfortunately, Network Administrators cannot ensure all network users are using permitted and secured endpoint devices. The biggest culprit is the USB stick. According to Hendon Publishing, most frequently, the vast majority of sloppy endpoint practices are the result of employees trying to get things done quickly. Once again training and awareness play a key role to your ability to implement a successful network security program.
The Optimal Solution for Enterprise Network Security
Of all of these methods, next generation NAC is the best all-around type of protection. It is more comprehensive than just anti-virus, end point security, firewalls or proxy servers. NG-NAC controls access to the network and provides full visibility to activities within it. It thus stops one of today’s most prevalent network threats, namely illegitimate mobile devices used to access corporate information.
Training and awareness are important, but you do not want to depend on others when securing your network. Only NAC is dynamic enough to provide you with peace of mind.
About Portnox This blog was written by Portnox. Portnox helps organizations to see, control, react and manage the risks their networks face for any user, any device, from any location. Using Next Generation NAC, Portnox secures connected organizations with ease.
How does Portnox do this? By discovering 100% of an enterprise’s connected endpoints and profiling them, Portnox can point out which devices are IoT devices. Next, Portnox forces these devices to a defined segment of the business network. This creates network hygiene and ensures that the rest of the network remains out of reach of the IoT devices. Sensitive information and systems that are vital to the organization are maintained segregated and secure.
Try Portnox Cloud for Free Today
Gain access to all of Portnox's powerful zero trust access control free capabilities for 30 days!