Securing the Distributed Enterprise

No business installs an alarm system and posts guards at the main entrance while leaving the back door unprotected. Yet, distributed organizations including retailers, banks, hospitals, government agencies, and even managed security service providers (MSSPs) often deploy the latest and greatest network security capabilities at headquarters, but provide only minimal protection at retail outlets and branch offices. And, just as thieves easily find unprotected back doors, hackers ignore the fortified main office and attack the most vulnerable points.

In 2014, distributed organizations like Target and Home Depot, major brand names that invest heavily to protect their data, were breached by remote exploits. In the Target breach the initial attack didn’t come in via the front door. Instead, a remote site (actually, a partner site) was used as the point of entry. Hackers used credentials stolen from third-party vendors to log onto the network remotely and used VPN tunneling to upload malicious software to steal credit card numbers from checkout registers.

To prevent these types of attacks, distributed organizations of all sizes need the highest levels of security at every location, even without onsite IT personnel. Here are five security essentials for protecting all entrances to your organization:

1. Next-generation firewalls: All organizations have firewalls, but often not the type that provide true security. A next-generation firewall (NGFW) provides a traditional firewall with other security capabilities, including deep packet inspection of actual content of all traffic. NGFWs enable early detection, mitigation and reporting of attacks and malware, and provide visibility and control for applications used on the network – even for SSL encrypted traffic.
2. Centralized management: Centralized management of all firewalls allows one administrator to manage the entire security infrastructure from a single location. For a distributed enterprise, this means a single administrator can manage the security policies for multiple branches or offices without onsite security IT resources. Being able to set security policies for all devices with just a few mouse clicks improves the security profile while reducing costs. The best management solutions also have a granular policy engine for assigning different policies for either individual or groups of firewalls.
3. Unlimited scalability: This enables a distributed enterprise to scale as it adds locations. Additionally, WAN acceleration enables distributed organizations to run security software efficiently, even in regions with bandwidth challenges. Ideally, these solutions should be automatically recognized by the firewalls and then self-configure, eliminating the need for IT visits.
4. Application control: Centralized security management solutions must be able to set application priority to ensure that critical apps have unfettered bandwidth on the network, while applications like social media are throttled to optimal resource management.
5. High performance DPI SSL inspection: Due to privacy concerns, major internet companies like Google and Yahoo now encrypt all traffic between their data centers and end users. According to NSS labs in 2013, on average 25 to 35 percent of enterprise traffic was encrypted using SSL, and was expected to grow 20 percent per year going forward. This means the firewall must have extra horsepower to decrypt and inspect enterprise traffic with room to grow as SSL usage proliferates.

Hackers’ ease at using vulnerable remote locations to infect networks places new demands on enterprises to protect every network gateway with the same high level of security. With centrally managed, high performance next-generation firewalls, it’s possible to rapidly achieve this goal at a manageable total cost of ownership.