Weitere Ă€hnliche Inhalte Ăhnlich wie White Paper: Is Your Network Safe Behind Just a Firewall? (20) Mehr von Windstream Enterprise (16) KĂŒrzlich hochgeladen (20) White Paper: Is Your Network Safe Behind Just a Firewall?1. WHITE PAPER
Is Your Network Safe Behind Just A Firewall?
Malware Threatens Malicious software or âmalwareâ is the In essence, malware acts like a parasite
Network Security biggest network security threat facing on a network. It is designed to inïŹltrate
organizations today. Cybercriminals a computer system without permission.
target enterprises that hold a great deal Even the most well-intentioned employee
of money or conduct a high volume of may accidentally download malware â
transactions on a daily basis. A network such as Zeus (Zbot) â from a Web site
intrusion can cost an organization as or open it via an e-mail attachment. The
much as $5 million. And, the damage worm then slips past network security
to a companyâs reputation can be measures and hides against the ïŹrewall.
irreparable. Statistics show that if a Here, it collects data and absorbs
major security breach occurs against private information passing through,
a U.S. enterprise, that organization such as credit card numbers, account
has a 90 percent chance of going out numbers, or social security numbers.
of business within two years. This is The worm then sends that information
particularly alarming considering that back to the host, who then sells it to
malware is currently the fastest- criminals for identity fraud, e-scams, and
growing trend in the misuse of other personally invasive crimes.
network resources.
The Threat is Real This threat of malware is very real. Just as federal regulators have made
Private information is at risk without efforts to protect privacy through
the proper network security measures. statutes such as HIPAA, Gramm-
Unfortunately, a majority of anti-virus Leach-Bliley, and PCI DSS, compliance
programs and network ïŹrewalls cannot standards are moving toward required
protect against intrusion risks beyond advanced network security measures.
viruses and Trojan worms. Organizations
have to be smarter than the criminals
theyâre up against.
© Windstream 2012
DATE: 3.27.12 | REVISION: 1 | 009573_Is_Your_Network_Safe | CREATIVE: MF | JOB#: 9573 - Is Your Network Safe | COLOR: 4C | TRIM: 8.5â x 11â
2. WHITE PAPER
A Firewall is Not Enough Todayâs malware is so advanced that a network. If there is danger lurking
ïŹrewall alone will still leave a network outside the front door (port connection)
vulnerable. A ïŹrewall provides a basic and the data ïŹnds a way into the home
line of defense by allowing or blocking (the network), it will cause an intense
connectivity to the network through amount of damage. And, although itâs
port connections. Think of a ïŹrewall not practical to check your guestsâ bags,
like a house: it allows you to close and it is necessary to scan all items entering
lock the doors and windows you donât your network to determine if they are
want outsiders to have access to, while friend or foe because the networkâs
keeping them open for welcome visitors. health and safety rely on it.
The problem with this defense is that the
ïŹrewall does not investigate the data that
is allowed to enter the doors on the
IDPS is the Answer Intrusion Detection and Protection In a 2009 survey, Forrester Research
to Malware Systems (IDPS) are the newest line of showed that IDPS is the second most
defense in network security and combine in-demand security solution. Many of the
two levels of network protection into one: solutions on the market today are either
intrusion detection and prevention. These IPS or IDS. Windstreamâs IDPS requires
systems identify and prevent malware no additional equipment purchases, and
intrusion by examining information via has the ability to provide powerful and
sensors within the network infrastructure. efïŹcient security while also being cost-
effective for the customer. Windstream
An Intrusion Detection System (IDS) offers an IDPS solution that outperforms
monitors activities on the network by other products in the industry because
searching for malware and producing of its ability to minimize risk and cost for
reports for the system administrator. an organization.
Intrusion Prevention Sensors (IPS) actively
block the malware on the network, IDPS is a substantial part of an
dropping the malicious data while still enterprise security solution used to
allowing normal data to continue on the protect the network. In order to set
network. With IDPS, the solution runs up proper network security, layers
along the MPLS cloud. If the malware of products, software, and solutions
is right on the networkâs doorsteps, the need to be in place that protect against
technology is efïŹcient enough to detect various threats. Firewalls, anti-virus
and prevent it from entering before the programs, access controls, and an IDPS
data leaves the cloud. solution are all necessary to achieve
effective network security.
© Windstream 2012
3. WHITE PAPER
How IDPS Works An IDPS keeps risks away from IDPS customer and Windstreamâs
important data. It acts like a bouncer security operations center are alerted.
standing outside of a bar checking IDs: Windstream engineers contact the
it detects malware and prevents it from customer about the malicious activity,
hanging out along the ïŹrewall. The IDPS and also help remediate the problem.
is constantly scanning the network
for known threats. These threats are Management of an IDPS is just as
identiïŹed in several ways, including important as purchasing the solution
through customer-provided data or Web itself. With current IDS or IPS solutions,
security solutions such as McAfee. It is IT professionals need to sift through a
also continuously searching the network wall of network data that likely contains a
for any possible anomalies. great deal of false positives â information
that is classiïŹed as malicious, but is, in
Windstreamâs IDPS sensors provide fact, harmless. Windstream manages
âzero hourâ protection for the customer this process for the customer, and has
so an organization is protected as a 99.9999 percent guarantee against
soon as threats are launched. When false positives, ensuring that the IT
an anomaly is discovered, both the professionalâs time is spent in the most
productive way possible.
INTERNET
FIREWALL &
IDPS PRIMARY
SITE 3 MPLS
FIREWALL &
IDPS PRIMARY
SITE 1
INTERNET
EVENT
CORRELATION
SERVERS
SITE 2
This diagram shows the network infrastructure and how the IDPS works in conjunction
with the ïŹrewall, and the MPLS cloud, in order to secure the network.
© Windstream 2012
4. WHITE PAPER
The ROI of IDPS The manpower and capital resources In addition, purchasing an IDPS
required to protect against the threat solution is like buying insurance for an
of malware is signiïŹcant; however, organizationâs reputation. As malware
Windstreamâs IDPS provides network evolves, network security must keep
protection and a good return on pace. If not, companies will continue to
investment for organizations. Since be at risk for damage to their networks
Windstreamâs security engineers and reputations. One network security
provide support for the IDPS, the need breach can bring operations to a
is eliminated for customers to hire screeching stop. An IDPS works along
additional IT staff, complete extra with other network security measures
levels of certiïŹcation, or incur capital in order to prevent this from happening
costs associated with maintaining and has proven to be the most effective
multiple security devices and information response in evading malware threats.
security providers.
Conclusion The best way to provide adequate data theft. For more information on
security for an organization is to stay Windstreamâs IDPS solution, or to have
informed on threats, analyze Windstream evaluate the strength of
vulnerabilities, and work with a partner your network ïŹrewall, visit
that can help you build your security www.windstream.com.
solution. IDPS is a crucial layer and
Windstream offers the most advanced
solution to protect your network against
Quick Facts:
In the ïŹrst quarter of 2010, nearly 27 percent of malware attacks occurred in the United States â second only to Brazil. While 98
percent of malware attacks are conducted by nondiscriminating automated systems, 2 percent are sophisticated hackers
targeting a speciïŹc company network.
Nonetheless, cybercrime acts continue to grow, and remain proïŹtable for the hacker:
Internet crime in the U.S. increased 23 percent in 2009
Personal identity sells for $.40 per person on the black market
Healthcare data, such as dental records, sells for $14 per person
009573 | 3/12 © Windstream 2012