September 6, 2011
Leave a comment
| Share this article
Keeping Your Network Protected
There is a threatening side to the Internet that one reads about in articles meant to shock and usually only encounters signs of if digging through email spam folders. We are talking, of course, about hackers and their various nefarious tools. Worms and viruses still exist, despite spam filters, and still have the capacity to cause great harm if not protected against. And in this new age of wireless technology, there are many avenues into your computer and into your network that need protection. That is why it is more important than ever to find security solutions for your network that take all of these contingencies into account.
To protect the network, some organizations use Network Access Control (or Network Admission Control if you buy it from Cisco). NAC lets the network decide whether to let a device onto the network or not and what the device can do once connected. In practice, this often means that the network restricts access until a device has proven itself worthy by running a security check on the device. The goal is to keep computers that have been infected off the LAN and thus prevent them from infecting other computers and files on network shares.
But don't networks already have firewalls?
Yes, but they do not always provide the protection needed. Imagine the following situation: a bank manager takes her laptop home to prepare for a meeting the following morning. Her teenage daughter borrows it to do research for her homework, checks her email and happens to be tricked by a spam message. She downloads something she isn't supposed to, is embarrassed to admit it, assumes there won't be a problem and keeps mum. The laptop gets infected. The next day, the bank manager carries her switched-off laptop past firewalls and into her office and connects it to the office LAN. The worm knocks out 100+ branch offices.
This scenario is not entirely implausible, and demonstrates how a traditional firewall would fail to prevent a worm attack, even at a place with incentive to be as technologically defended as a bank. An attack of this nature would however be prevented by NAC. With NAC, the network can decide not to admit the laptop onto the network until it has provided some proof of being clean-a test one hopes this laptop would not pass. In this way, NAC can be an important piece of an organization's network security arsenal.
However, NAC like this is (while a good and sometime necessary technology) often prohibitively expensive (you'll need some hefty network infrastructure) and leaves some issues unaddressed. Chief among them, it would obviously be better to have the laptop not be infected in the first place, and NAC does nothing to help there. Specifically, NAC as implemented in the office LAN cannot possibly do anything to protect the laptop when it is far away and connected to the user's home Wi-Fi, as it was in this case.
SafeMove however can help address these issues. SafeMove uses the idea of NAC to better secure your network, and prevent the spread of worms even from remote workers. A client can implement a dynamic VPN and firewall policy that is affected by the security status of mobile devices, and then can restrict network traffic when the security status isn't perfect-updated and clean. This will both protect a SafeMove device from infections and protect the network from the device. An outdated device will not be able to access the network and be exposed to viruses and attacks, so the user must update. The malware on an already infected device will not be able to access the network, spread itself and attack others, so the threat there is neutralized.
And SafeMove is beneficial because it is always on, in contrast to traditional VPN clients where the user connects the VPN when access to the network is needed. SafeMove enforces the network policy and protects the laptop from the moment it boots up until the moment it shuts down. VPN connections are established automatically when needed, without user intervention, so the user cannot forget to switch on security. SafeMove focuses on network security involving mobile workers and helps plan for the growing number of contingencies one must account for on the ever-threatening frontier of virus protection.