How to get the most out of network security

The IT industry''s role in India''s global recognition as a rising economic power proves that IT can serve as an engine of growth, writes B Ashok, senior VP, IT Services, Cisco Systems India Pvt Ltd. However, he warns information security issues could trip the growth and outlines key security challenges faced by organisations today and explores how network security can help overcome these challenges.

IDC estimates that the Indian IT industry is set to grow to $55 billion by the end of 2008, largely due to the rise in technology and business process outsourcing. While there are several enabling factors, certain issues like information security could debilitate this growth.

Networks are critical to business performance especially in the IT and BPO sector with organisations depending on these networks for communication, transactions and data sharing. The overriding concern of CIOs today is to ensure their networks are constantly safeguarded against various attacks. As a result, information security is increasingly playing a strategic role in today''s business.

Organisations outsourcing to India look for service providers with strong security practices and robust, secure yet open networks. Ensuring remote accessibility in a world that''s adopting wireless technology can only translate into one thing - network security today has to address the ever-expanding definition of the network and all related security requirements.

Enterprises face daunting challenges when it comes to security - worms and viruses, spam, internal theft, hacking and employees with malicious intent are just some of the security challenges organisations face today. In addition, IT and BPO service providers have to address the following issues:

Compliance to regulations
The Sarbanes-Oxley Act, Graham-Leach-Bliley Act, Health Insurance Portability and Accountability Act Privacy Rule (HIPAA), Data Protection Act and other sweeping regulatory changes pose unique challenges to the way data is handled by IT and BPO service providers.

Privacy
Enterprises are constantly handling data and information of their clients'' customers. Care should be that the information is used only for purposes authorised by the owner or supplier and is not shared with unauthorised personnel.

Data Protection
While the concern for data protection always existed, the outsourcing phenomenon has only increased the concern for protection of sensitive information. While stringent data protection laws exist in the EU and the US, most clients are keen that their service providers have equally stringent policies to prevent the data misuse.

While addressing security concerns, organisations need to consider various factors like:

• Integrity: gathering and maintaining accurate information and avoiding malicious modification
  
• Availability: providing access to the information when and where desired
  
• Confidentiality: avoiding disclosure to unauthorised or unwanted persons

Securing your network
Given the severity and potential threat of these security challenges, it is imperative that an organisation employs an integrated security strategy, where the network is equipped to defend itself. In other words, every device in the network, from desktops through the LAN and across the WAN, plays a part in securing the networked environment through a globally distributed defence.

With integrated security, enterprises can enable networks to identify threats, react appropriately to the severity level, isolate infected servers and desktops and reconfigure the network resources in response to an attack.

Some key elements of this strategy:

Secure connectivity :
A vast majority of companies use the flexibility and cost-effectiveness of the internet to extend their networks to branch offices, telecommuters, customers and partners. Ensuring the privacy and integrity of all information is paramount. Not only must organisations protect external communications, they must also help ensure that the information transported across an internal wired and wireless infrastructure remains confidential. Similarly, companies must secure voice and video as they use their existing network infrastructure to provide new business-enhancing services.

The dilemma many businesses now face is how to protect the privacy and integrity of all information while cost-effectively creating a manageable communications infrastructure that will improve productivity, enable new business applications, and enhance business efficiency. Additionally, many companies are mandated by governmental or industry regulations to ensure the privacy of information.

Some of the key technologies that enable secure connectivity are Virtual Private Networks (VPNs). VPNs establish secure, end-to-end private network connections over a public networking infrastructure. In addition to reduced communications expenses, VPNs allow mobile workers, telecommuters, partners and day extenders to take advantage of broadband connectivity. VPNs have become the logical solution for remote access or site-to-site connectivity.

Threat defense systems:
Network security must protect a business from threats, both known and unknown, such as access breaches, "Day Zero" worm attacks and viruses, and internal threats, which cause the most damage.

Moving forward, network security must shift from being perceived as a cost center toward actually saving your organisation money through productivity increases, business resiliency and business operations stability. With these two heavy requirements of providing higher protection as well as increased profitability, a system-level approach toward defense-in-depth is required.

Simply put, enterprises need to have a collaboration of security solutions and intelligent networking technologies that identify and mitigate both known and unknown threats from inside and outside your organisation. This unique systems approach protects your business productivity gains through flexible, customisable deployment of security and network services, providing comprehensive coverage throughout the network, from the network data center, to the branch offices and down to the end points.

Endpoint security solutions that protect desktops and servers, ''distributed denial of service'' (DDoS) attack detection and mitigation, integrated firewall solutions, network intrusion protection systems that identify, analyse and stop malevolent traffic, content security solutions, monitoring solutions that provision and monitor security services and network activity are some technologies that form this elaborate yet key aspect of integrated security.

Trust and identity management:
Businesses need to effectively and securely manage who and what can access the network, as well as when, where, and how that access can occur. Deploying a complete ''identity management'' solution lets enterprises secure network access and admission at any point in the network, while isolating and controlling infected or unpatched devices that attempt to access the network.

Organisations can also streamline the security management of remote network devices while taking full advantage of existing security and network investments. Identity management solutions basically:

• Authenticate entities and determines access privileges based on policy
  
• Authorise and control network access and push access policy enforcement to network devices via VLANs, access control lists (ACLs), etc.
  
• Track the who, what, when, where and how of network activity

Comprehensive and robust identity management solutions and services guarantee the identity and integrity of every entity on the network and apply appropriate access policy; deliver visibility into network activity; secure the centralised management of remote devices; and provide Authentication, Authorisation, and Accounting (AAA) functionality across all network devices.

In addition, these solutions expand network security prevent unauthorised network access from rogue wireless access points. They automatically identify users requesting network access and route them to a VLAN domain with an appropriate degree of access privilege based on policy (for example, guests versus employees).

Lastly, these solutions allow network access only to trusted endpoint devices that can verify their compliance to network security policies, such as having a current anti-virus image, OS version, or patch update. Thus, they permit, deny or restrict network access to any device as well as quarantine and remedy non-compliant devices. While some of these concepts have already been implemented, security and networking vendors are working together to realise the full benefits of integrated security.

*The author is senior vice president, Cisco Systems India & SAARC