protecting the enterprise network through web security

Protecting the Enterprise Network Through Web Security Threat. The word indicates an expression of intent to hurt or a source of imminent danger. In the world of business technology, an undetected, According to Brian Burke, research manager of security products at IDC, up to 30% of workplace Internet use is not business related.1 uncontained Web-based threat can result in lost production and compromised privacy. Organizations that fail to recognize the danger Employees can use workplace resources to access online shopping, webmail applications and stock trading, in addition to bandwidth hogs posed by unrestricted, unsecured Web access run the risk of network shutdowns, regulatory restrictions and climbing costs. More than like streaming video and audio services. Unfiltered, inadequately secured Web usage can slow down an enterprise network’s performance and simple recognition, business must respond with proactive measures to protect and optimize corporate networks, mitigate risk, increase cost millions in unnecessary expense. Some types of workplace Internet abuse could also lead to costly charges of workplace controls and eliminate threats before they adversely impact business. Such is the mission of Web Security solutions. harassment and legal problems. Given the risks and challenges of permitting unregulated and unmonitored Web access, employers often believe that they must This paper will analyze threats to Web security, including destructive malware, viruses and phishing attacks. Three types of security choose the opposite extreme and eliminate all employee Web usage. This is hardly a viable alternative in today’s marketplace and can lead solutions will be identified and evaluated: desktop-based tools, server- or gateway-level applications and managed security services. to further erosion of competitive positioning. The Reality of the Risk Today the Web is an essential resource for many businesses. Enterprises of every size rely on the Web for communication, research, marketing In addition to the increase in Web surfing at work, corporate use of IM tools is fast penetrating the enterprise network. While IM is a key enabler of effective employee communications, it also represents one of the fastest growing threats to corporate networks. Unsecured and and everyday operations. By enabling productivity-enhancing tools and advanced business applications like Instant Messaging (IM), the unmanaged IM applications can lead to the loss of confidential data and costly legal and regulatory consequences. Web has fast become one of quickest and most economically viable ways for even the smallest of organizations to grow and compete on a grand scale. Sophisticated Threats Many organizations are well aware of the threat of viruses and worms, particularly the risk posed by unfiltered email usage. As a result, a With rapid and sometimes unchecked Web growth comes new opportunity for employee abuse, rogue attacks, Guerrilla marketers and unethical competitors. From unrestricted Web surfing to unwanted large number of enterprises utilize some form of anti-virus software that screens incoming and outgoing messages. However, many criminal intrusions, new light is being shed on the vulnerabilities of Web technology and the intrinsic flaws in browsing applications. businesses remain unaware of the growing risk of Web-based viruses, spyware, adware and other malicious attacks, all of which can expose These vulnerabilities make Web applications and corporate networks more susceptible to threats that can lead to severe declines in sensitive corporate and customer data to outside intrusion. productivity and enormous financial damages. In addition to using the Web to directly target corporate networks, indirect attacks can be Unlike viruses and worms, the creators of spyware and malware applications are driven by economics. Marketers and advertisers are launched by infecting sites used by employees. The result is that an individual can act as a transport mechanism for destructive malware. willing to pay large sums for valuable data on Internet usage. While adware programs generate revenues by directing users to the desired Web sites, sophisticated rootkit applications attach to a PC’s operating system to enable an attacker to exercise stealth control over a user’s system. A rootkit is a set of software tools intended to conceal files, system data policies, every workstation requires individual updates. This makes desktop solutions very expensive for large-scale deployments. or running processes from an operating system. Rootkits have recently been used by malware to help intruders maintain access to systems Because filtering occurs on the desktop, desktop-based systems fail to address bandwidth optimization and network performance concerns. while avoiding detection. In addition to issues caused by attached rootkit applications, phishing attacks and other Web-based malware Inappropriate or malicious activity passes through the company’s Internet connection and the corporate network before it is filtered on often use the appearance of legitimacy to compromise and endanger confidential account information. the desktop. This permits the malicious activity onto the premises before it is controlled or blocked. Filtering this activity on the premises Unfortunately, the successful detection and removal of this new strain of malware is increasingly difficult and time consuming. The optimal may utilize enough network bandwidth to impede performance. strategy is to erect a barrier that prevents malware from ever reaching the enterprise network. That defense should start with an effective Server/Gateway-Based Services In the enterprise setting, desktop systems have largely given way to the second key category of security solution: the server/gateway- Web filtering service that prevents users from visiting high-risk and inappropriate sites. Additionally, Web traffic should be scanned for based service. While the capabilities are similar to desktop systems, these premises-based solutions do address many of the concerns and malware using anti-virus tools. But how can those tasks be performed effectively with limited IT resources? A thorough examination of the shortfalls of desktop Web security systems. available solutions will help answer that question and better equip the enterprise to formulate a comprehensive strategy for Web security. By enabling easier deployment and centralized management capabilities, server/gateway solutions are scalable and easily maintain and enforce corporate Web usage policies. Because control resides on Web Security Services There are three points in the data flow where security controls can be enforced: on the device, on the premises and within the network. the enterprise premises, special IT resources and expertise are needed to manage the solution. Typically, server/gateway solutions require Security controls on the device are commonly provided via personal firewall or end-point security suite loaded on to a PC, laptop or other significant upfront capital expenditure and may divert valuable technology resources away from mission-critical business processes. end-point device. Security controls on the premises are server-based and are built as part of the gateway or security between the Internet Users need to purchase both hardware and licenses up front and must support that infrastructure on an ongoing basis, which may include license renewals and frequent server and software upgrades. and corporate network. Finally, network-embedded Web security services are embedded in the network infrastructure to filter traffic before it reaches corporate connections to the Internet. Like desktop systems, server-based applications do not safeguard bandwidth or optimize network performance. Since they are unable to confront security threats until they reach the enterprise network, gateway solutions may make the network more vulnerable to mal- A Comprehensive Web Security Solution Should: • Secure the network by keeping risks at bay code attacks. Mal-code is a form of malware that is imbedded in computer code. Services that mitigate threats further away from the • Clean up malicious codes and other intrusions enterprise would help to reduce the risk of viruses since they are blocked before entering the corporate network. Delayed updates to • Improve and integrate security controls malware and spyware signatures result in dangerous windows of vulnerability for Web applications. • Efficiently manage cost • Safeguard and optimize bandwidth performance Network-Based Services A third approach to Web security is a managed services architecture that provides scanning and protection capabilities before Web traffic reaches the enterprise network. In this solution, potential threats are evaluated, identified and resolved while still on the provider network; Desktop Tools Desktop-based systems offer basic anti-virus functionality, spam and spyware blockers and URL filtering capabilities. By preventing access thereby, reducing the risk to the enterprise. When scanning takes place in the provider network, traffic patterns from hundreds of to inappropriate sites, desktop solutions can significantly reduce the likelihood of downloading viruses and other threats associated with businesses can be studied, helping to establish normal traffic patterns that can identify malicious code while in route. Businesses trying to the use of the Internet and IM applications. When implemented in smaller organizations, the solutions are generally easy to install and identify threats themselves rely on internal knowledge and individual alerts they may receive. Network-based Web security offers maintain and relatively inexpensive to purchase. capabilities throughout the enterprise network, including branch offices, the coffee shop, a remote business location or a home office. However, desktop solutions do not fare well in larger enterprises. Scalability is a major issue. For large corporations and user groups, the Fully managed, network-based security services present several distinct advantages for businesses. Since they need to support larger systems are difficult to install and update because desktop solutions need to be installed and managed on every device. This requirement numbers of employees, multi-location enterprises benefit from scalability and quick deployment. Smaller enterprises, which may lack internal IT resources and expertise, are also attracted to the rapid deployment, as well as the ease of use and real-time threat protection of managed services. Maintenance, monitoring and administration of A Proactive Spyware Screening Service Delivers: Web security services by internal staff can divert resources from important revenue-producing activities. By reducing capital • Protection and screening of inbound and outbound Web traffic expenditures and maintenance fees, managed services can be more cost effective than premises-based solutions. A completely integrated, • Accurate and comprehensive databases for spyware identification network-based security service offers ease-of-use and comprehensive management reporting as part of the managed solution. • Identification of infected desktops for the concentration of remediation efforts Features of Network-Based Security Solutions The optimal Web security solution delivers a comprehensive and customizable suite of protection services, including Web virus • Customized notification when spyware is detected scanning, Web filtering, Spyware screening and IM Control. • Scalability and management of multi-site locations • Simple administration and detailed reporting tools Web Virus Scanning To successfully defend against increasingly sophisticated and complex Web threats, an enterprise should proactively protect its network. An IM Control effective Virus Screener should be up-to-date, offer multiple layers of scanning, deliver real-time protection against browser vulnerabilities, From a regulatory viewpoint, IM messages are subject to the same archiving and logging standards as email. An integrated, high- provide comprehensive statistical analysis and reporting and require no special hardware or software. performance IM Control service helps secure the enterprise from the threats that IM can present. Web Filtering By changing the configuration of both inbound and outbound IM traffic, an effective IM Control service scans and manages messages Customized Web Filtering puts the enterprise in control of how employees use the Internet. Easy-to-use tools enable employers to for security, compliance and productivity, without the need for costly hardware or software. A managed IM Control service: create, enforce and monitor a clear and comprehensive Web usage policy. Web Filtering can preemptively categorize Internet search results and block specific file types in accordance with the usage policy. • Monitors, logs and audits IM use and generates customizable usage reports A comprehensive Web Filtering application enables employers to: • Triggers real-time alerts for threats or attempted breaches • Create and customize an Internet access policy for different user groups based on business needs, URL categories or file types • Links screen names to user names to help ensure maximum accountability • Optimize network resources by reducing bandwidth congestion and managing audio and video streaming by end users • Standardizes the IM network for the enterprise • Restrict recreational Web access to certain types of content to a specific time of day • Helps ensure integrated compliance with email archiving and logging requirements - Organizations may opt to permit employee access to webmail applications only during lunch or break times Choosing the Right Web Security Solution To protect corporate networks, enterprises need to take security precautions against unwanted Web threats. There are various • Scale and manage Web filtering for multiple business locations from a centralized management tool alternatives for implementing Web security, including desktop-based, gateway-based and network-based solutions. In choosing a Web • Receive centralized reporting of employee Web usage statistics security solution, businesses should evaluate their individual needs and internal expertise. Spyware Screening A fully managed Spyware Screening service works in cooperation with virus scanning applications to secure confidential data and prevent Reference 1. Provided by IDC on August 8, 2007 malicious attacks on the enterprise network. By offering “in the cloud” protection, Spyware Screening helps eliminate Spyware threats before they reach the enterprise network.
In cities, towns and remote locations, mini satellite dishes point attentively to the Southern sky. Emblazoned with names like DirecTv, ExpressVu, DirecWay, Web Conferencing, iNetVu, Linkstar, XM Satellite Radio, Sirius Satellite Radio iDirect their numbers are growing at an amazing rate. Iridium Satellite Phone is the only provider of truly global satellite voice and data solutions with complete coverage of the earth (including oceans, airways and Polar Regions). Get the latest buzz on Free satellite tv systems - including the features and benefits that make them today's ultimate television viewing experience.(Get Dish) Ever wonder why these satellite dish systems are in such great demand? Does high speed internet service or digital television programming via satellite intrigue you?
If you've never heard of Cheap VoIP, get ready to change the way you think about long-distance phone calls. VoIP, or Voice over Internet Protocol, is a method for taking analog audio signals and turning them into digital data (IP packets) that can be transmitted over the Internet.