Story image

Is any network 100% safe? Tips for hardening cyber defences

15 Jul 16

Your client’s enterprise network, the data they hold and the application services they support are all directly in the cross-hairs of hackers, spies and opportunists of every stripe. And why not? Stolen data is a commodity worth money (or bitcoins!) on the open market. If your client has any sort of public profile they are a target for cyber-criminals. The bigger the enterprise, the bigger the target.

Your clients want to keep their private and sensitive commercial data safe and secure. And you want to be able to assure them that it is so. But can you really secure your customer’s data from all threats, especially criminals who are prepared to make a major effort to break into your network?

“Is any network 100% safe?” asks Dominic Whitehand, Managing Director of Exclusive Networks, Australia’s most experienced distributor for Fortinet, a global leader in the provision of cyber-security solutions. “Of course not. Even the White House, the Pentagon and the Kremlin get hacked. And they have massive security budgets and thousands of full-time black and white hat experts. But you can make it extremely difficult for all but the most well-funded and relentless crooks to even come close to getting inside your client’s networks. How? By hardening their cyber defences inside and out.”

Advanced persistent threats
Today’s most damaging attacks, typically classified as Advanced Persistent Threats (APT), occur across the spectrum of possible attack vectors. Innovative malware, zero-day vulnerabilities and emerging evasion techniques can all render a single approach problematic.

“A deeper, more comprehensive approach is needed,” says Whitehand, “to counter these increasingly sophisticated attacks. Fortinet, and other security vendors, are all working hard to build a multi-layered defence-in-depth framework for combating these APTs.”

Prevent – The known threats
Most malware is already known. Last year, nearly a quarter of malware was more than ten years old and almost 90% discovered before 2014.  Known threats can be blocked through next-generation firewalls, secure email gateways, endpoint security and other technologies. Previously unknown malware and targeted attacks, however, can hide from these measures. Dodgy traffic that seems suspicious should be handed off to the next point of your multi-layered defence.

Detect – The unknown
Today’s more sensitive filters can detect previously unknown threats and create actionable threat intelligence. Sandboxing, for instance, isolates potentially malicious software in a sheltered environment so its full behaviour can be observed without affecting production networks.

“But sandboxing alone can’t stop everything,” continues Whitehand. “Attackers respond to new technologies by figuring out how they work and then finding ways around them. Indeed, smart crooks are already trying to compromise sandboxes. That’s why it’s important to stay updated. Just as criminals evolve, your client’s defences need to keep up as well.”

Mitigate – Taking action
Once an intrusion has been validated, users, devices and content have to be quarantined. “Your clients need to have automated and manual systems in place to ensure the safety of network resources and data,” says Whitehand. “That’s to contain the damage. But you need to fight back. FortiSandbox, for instance, automatically forwards any new threats to the FortiGuard Labs for analysis, de-construction and remediation. This results in updates being fed back to the security devices and providing every layer with up-to-date protection.”

Integration is key
“It’s not one particular technology that’s driving Advanced Threat Protection (ATP),” says Whitehand. “It’s the integration and collaboration amongst all of them. ATP relies on multiple types of technologies, products and research, each with different roles and each working in concert with one another. For example, FortiSandbox can integrate into FortiGate Next Generation Firewalls, FortiMail for inspection of attachments and FortiWeb web application firewalls for web-facing services.”

“We can expect to see continued cybercriminal innovation with an even greater focus on datacentres,” concludes Whitehand. “Your best strategy for clients is to deploy a multi-layered approach with established and emerging technologies which work together. No other approach can defend against today’s Advanced Persistent Threats. It’s a challenge, to be sure, but one that has to be met.”

For further information, please contact Exclusive Networks:
E: fortinet@exclusivenetworks.com.au
P: 1300 137 993
W: www.40net.com.au

Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Hands-on review: The Logitech R500 laser presentation remote
With a clever ergonomic design, you’ll never have to glance at the device, unless you deliberately look to use the built-in laser pointer to emphasise your presentation.
Review: Should you buy the Fitbit Charge 3?
If you are new the to the world of wearables you might be wondering if Fitbit’s new offering is a good first step. Maybe I can help with that.
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
Dell dominates enterprise storage market, HPE declines
The enterprise storage system market continues to be a goldmine for most vendors with demand relentlessly rising year-on-year.
Lenovo DCG moves Knight into A/NZ general manager role
Knight will now relocate to Sydney where he will be tasked with managing and growing the company’s data centre business across A/NZ.
Avnet to boost AI/IoT solutions with acquisition
The acquisition of Softweb Solutions adds software and artificial intelligence to Avnet’s ecosystem and bolsters its IoT capabilities.