cl-nz logo
Story image

Top security tips for 2013

Kurt Hansen, F5 Networks ANZ managing director offers some tips on security in 2013.

With the ongoing discovery of new vulnerabilities that continue to emerge on the back of a number of ongoing trends such as the growing adoption of cloud services, it is inevitable security will continue to remain a top priority for businesses in 2013.

Multi-layered attacks

Security attacks are becoming increasingly varied and multi-layered and hackers have become equally sophisticated in the way they target companies.

Previously, the majority of security attacks were being targeted at the network layer, however once organisations became aware of vulnerabilities in this area and started to take appropriate action, hackers looked to other areas of exposure such as the application layer.

Subsequently, a new strategy is necessary to combat the new techniques of attackers. Today’s modern threat stack spans the entire network stack – from layer one to layer seven.

It is no longer enough to protect against one attack or even three, it is necessary to mitigate the entire multi-layer threat spectrum in a more holistic, intelligent way.

Traditional firewalls

Over the past few years we have seen firewalls fail repeatedly. We have seen business disrupted, security thwarted, and reputations damaged by the failure of the very devices meant to prevent such catastrophes from happening.

These failures have been caused by a change in tactics from invaders who no longer seek to find a way through or over the walls, but who simply batter it down instead.

A combination of traditional network-layer attacks and modern application-layer attacks have become a force to be reckoned with, which traditional security solutions like network firewalls, intrusion prevention systems (IPS) or antivirus software firewalls are often no longer equipped to handle.

Encrypted traffic flowing into and out of the data centre often bypasses security solutions entirely, leaving another potential source of a breach unaddressed.

Performance is also being impeded by the sheer number of devices required to implement all the different layers of security needed, which increases costs while impairing performance.

Re-think security strategy

While it is certainly possible to redress application layer attacks such as DDoS attacks with yet another point solution, it has always been the case that every additional device through which traffic must pass between the client and the server introduces not only latency – which impedes optimal performance – but also another point of failure.

It is much more efficient in terms of performance and provides a higher level of fault tolerance to reduce the number of devices in the path between client and server.

An advanced application delivery platform, with an internally integrated, high-speed interconnect across network and application-focused solutions, provides a single point at which application and network layer protections can beapplied, without introducing additional points of failure or latency.

What companies ultimately need is defence in breadth – the height of the stack – to assure availability and security using a more intelligent, unified security strategy that moves beyond the network, to encompass potential attacks at every level of their infrastructure including the application layer.

With hundreds of thousands of web applications available today across any number of devices, including smartphones and tablets, this area in particular poses a real threat for organisations, one they need to address as a priority.

Tips for resellers

• Understand today’s security landscape and the rapidly evolving scope of cyber attacks which threaten New Zealand businesses so you can discuss this authoritatively with your customers and prospects

• Be equipped to educate companies about the range of security attacks that have the potential to threaten their business such as DDoS attacks including conventional network attacks, HTTP and SSL floods, which target firewalls, web services and applications.

• While HTTP floods currently account for over 80% of today’s attacks, expect simple network attacks to make a resurgence as they are combined with HTTP floods into sophisticated multi-stage attacks that achieve denial-of-service.

• Attacks are so ubiquitous today that many sites are constantly under some form of traffic attack, 24 hours a day, 365 days a year. Make sure New Zealand companies are aware that they are vulnerable to cyber attacks no matter what size their organisation is.

Check out the February edition of The Channel which includes 15 pages on security for the New Zealand reseller channel.