Securing Networks: Going beyond the Perimeter

Network security is an important segment of the entire security system that the government has to manage. With the evolution of technology, new platforms of interface between citizens and technology/service providers have emerged, and these have created new scope for collaboration and partnerships between the government sector and the private sector.

Pragya Gupta, Elets News Network (ENN)

Managing network security is a complex problem for every enterprise. The inside and outside network boundaries are blurred by the adoption of multipoint devices, especially mobile devices. A user name and password are not enough to secure the network when access is not restricted to devices, perimeter and service. On one side, technology benefits users in terms of collaboration, sharing, access and convenience; on the other, securing it poses many challenges to IT managers and network managers, who need to control and monitor any unwanted or dubious activities happening in the network.

In the government sector the scope of damage due to infiltration of networks can be much larger. The reach of business enterprises is restricted to their customers and stakeholders, but the government services touch everyone. Government is trying to reach the remote areas to offer services by providing handheld devices. Such initiatives are necessary but they have also increased the scope of the network, which now faces more risks than ever before.

“A large majority of the central and state governments are satisfied with traditional perimeter security comprising Firewalls and Network IPS solutions. Monitoring vulnerabilities in the network & systems is rarely considered important. However, we have started to see some traction towards data protection solutions, server protection and log and incident correlation solutions,” Rakesh Kharwal, Head – Government Business – India, McAfee Inc.

Change in Needs
The information age confronts us with a new and troubling definition of war and warfare. The profile of a hacker has also transformed owing to the evolving sophistication and pervasiveness of cybercrimes that are designed to go under the radar and steal sensitive data from individuals, businesses and governments. These days, government organizations witness Advanced Persistent Threats (APTs). By design, APTs are custom engineered to fly underneath the radar of most traditional security defences or even leverage insiders. As a natural corollary, traditional network security isn’t sufficient to block these attacks, as they are mostly encrypted. One needs to look at the problem and the available tools in a slightly different way.

“Traditional network security solutions do not protect against today’s web 2.0 threats, which require granular access functionality providing access to employees to the internet, however at the same time protecting against the targeted encrypted web 2.0 threats. Since most of the targeted attacks today happen at the application layer, it’s important that network security tools are application aware and can detect threats emanating at the application layer,” Rakesh Kharwal, McAfee.

With government making its operations computerised and centralised, the challenge of securing data has become complex. A surge in network security requirements has been registered as the ‘e’ becomes associated with G2G and G2C projects. Various reports have forecast good growth of the network security market in India, which indicates that the concerns are set to increase.

“There is a significant rise in the threat scenario for the Internet. Since all applications used in e-governance are web based and are open to public, they are prone to attack. Data Centre Security solutions have to be deployed at every stage of the network. When it comes to the government sector, cyber security is a matter of national security. A significant hacking attack on the government’s network can be a blot on the nation’s reputation,” Nilesh Jain, Head – Government Business, Trend Micro India.

Surge in Adoption
Government agencies face increasingly complex data challenges. While protecting their constituents’ confidential information and maintaining a secure IT environment, government agencies must also comply with regulatory standards and all the industry and legislative mandates. They have to work under these constraints to protect data across the cloud, email, servers, and endpoints. There is no doubt that the various government departments have now realised the critical necessity of protecting their physical, virtual, and cloud environments.
“Government is keen to make e-Governance more prevalent so that necessary services can be brought to the public in an easy and seamless manner. Network security is a cause of concern. There exists the very critical and important need for a Security OEM vendor like us to work closely with government departments for helping them design their network security architecture. It is important to have security systems for safeguarding online systems that are widely accessible to public,” added Nilesh Jain, Trend Micro.

In today’s workplace, it is increasingly common that primary business resources, including data centres, applications, and endpoints as well as users, are all outside the traditional business perimeter. Extending business borders around all these resources and users poses a significant challenge to IT departments. It is quite difficult to scale up the security levels in a situation where every project is an exception to traditional IT design and management practices. IT needs a better way to scale and manage users and customers in any location, given those users may be using virtually any device or connectivity solution, located anywhere in the world, to access almost any application.

Earlier, spam was a low-powered tool that was treated as a nuisance and addressed with some simple algorithms, but in the current scenario spam is used as a tool to attack cyber systems. It has evolved into a new kind of threat that we cannot afford to ignore, and it requires revised and upgraded tools to fight against it. The objectives are the same, but solutions have to be revisited. The same solution cannot address the changed needs of security.

The trend is to have a multi-level data security network, building multiple gates so that data is not compromised. The current approach of the government is very systematic, and it is taking serious and measured steps towards ensuring its data protection strategy. The government is spending significant money on securing its infrastructure.

“A new generation of multimedia-savvy and socially networked employees is entering the workforce. This generation is conditioned for always-on, instant, anytime, anywhere connectivity, through an array of personalised devices. Cisco Borderless Networks enables IT to architect and deploy its systems and policies efficiently to provide secure, reliable, and seamless access to resources from multiple locations, from multiple devices, and to applications that can be located anywhere,” Bipin Kumar Amin, Principal Consultant, Borderless Networks – Security, Cisco.

Security Challenges
The challenges faced by government enterprises include reducing the security burden on virtual desktop servers while bolstering protection against newly emerging threats. There is also the need to offload the network and the desktops to maximize productivity and take advantage of virtualised desktops, without compromising on security.
Government systems host tax information and other very sensitive information, so they cannot let anyone tunnel in through any back door. Government enterprises have taken steps forward and have shown swiftness in adapting to more dynamic and up-to-date security solutions, with in-the-moment detection for catching zero-day threats and giving better control of the environments.

In most of the completed and ongoing projects we can clearly see that advanced network security solutions have been incorporated, which cover not only perimeter security but also server and endpoint security, with the latest security solutions like HIPS and encryption.

“We are committed to security and we deliver advanced protection from the cloud. Threats are blocked in real-time, before they reach the infrastructure and desktops. Our solutions strengthen the cloud-powered endpoint protection, with features like local web reputation and further facilitate the plug-in architecture to add more layers of protection,” added Nilesh Jain, Trend Micro.

Organisations need to ensure that their networks remain secure, reliable and compliant. The physical, virtual, and cloud resources have to be secured. To provide sufficient defence to their networks, enterprises have to deploy standalone point solutions (VPN, Firewall, NIPS, etc.), which are especially conducive to securing IT infrastructure from outside-in attacks. A Unified Threat Management solution may help secure small/medium networks.

Threats are wide-ranging and differ in nature. Servers face a critical risk of hacking through SQL injection, while endpoints carry the risk of bots. Thus unified threat management solutions may not be effective in dealing with these threats.

Only standalone solutions targeted at protecting a specific segment of the network against a specific kind of threat can be a good solution. Further, government enterprise customers can choose between standalone solutions and the unified one depending on the size of the network and the criticality of the information hosted. But one must remember that unified threat management comes with many limitations in handling a particular threat issue.

The way users access information is also shifting. In the past, data and applications were housed on premises, and users were also generally on premises. Today many organisations tap into talent pools. Workers might be full-time remote employees or contractors. Applications might be hosted off site or even in the cloud. But traditional IT still treats these crucial resources as internal entities.

With Cisco Borderless Networks, IT can unify its approach to securely delivering applications to users in a highly distributed environment. The crucial element to scaling secure access is a policy-based architecture that allows IT to implement centralised access controls with enforcement throughout the network, from server to infrastructure to client. Security with Cisco TrustSec technology provides pervasive, consistent, policy-based access and link-layer encryption to protect corporate assets and reduce risk.

“There is no one set of best technology solutions, it varies based on the government projects, platforms of interface and citizens’ engagement practices. For each application there is a customized set of network security options that they can adopt. There are data centres, telecommunication hubs, SWAN, etc, all these government businesses demand a unique set of network security gates to protect their data,” Ravishankar, CEO, Nevales Network.

Risk calculation is very important in network security. Security solutions can only be derived and deployed when risk calculation is done in a smarter way. The control system engineers and IT specialists work together to maintain the network. The team should docket risk analyses on a regular basis, implement change control and monitor the network regularly. The network security industry is always announcing new ways to secure and protect networks, configurations and information, which can be taken up and analysed for the network environment to keep it protected. Staying informed is one of the ways of improving network security. More than anything else, it is regular security audits, education, and monitoring that are mandatory for improving network security.