Gartner: Next Generation the Only Way…..

April 26, 2010 by varidion Leave a Comment

I’m convinced you have no tolerance for ever-increasing network security costs.  Sure, you want to effectively manage risk, especially in an increasingly regulated world where security breaches result in huge fines and bad press – but your network security costs keep rising, even as traditional network security technologies like intrusion prevention systems (IPS) prove less and less effective against modern threats.

This is simply unacceptable. Industry analysts like Gartner have noted this as well, and have recommended that customers move to next-generation network security infrastructure.

Not only do next-generation firewalls vastly increase the visibility and control you have over the applications, users, and content you have on your network – they also save you lots of money on IPS.  With today’s highly segmented networks, this can result in multi-million pound purchases for large organizations – but ironically you still can’t manage threats well.

One of the principal reasons for Gartner’s recommendations is that traditional IPS can’t effectively manage applications and can’t detect threats in SSL-encrypted and compressed content.

Our next-generation firewalls do all of the above, and deliver industrial-strength intrusion prevention capabilities while saving you money.  In fact, the cost of our solution averages under £3,000 per protected network segment – a savings of at least 75% over TippingPoint and ISS.  Don’t take our word for it…  Drop into InfoSec and see for yourself; at the same time get measured up for a bespoke shirt.

Tailored security from Varidion

Filed under Managed Security, Next Generation Firewalls, Palo Alto Networks, Social Enterprise, Varidion Tagged with , , ,

The Network is the Computer…..

April 8, 2010 by varidion Leave a Comment

Is your Data Centre ready for the Cloud?  If you have more than two hops between the Internet/WAN and your applications the answer is no.  With today’s SOA architectures, latency and throughput is more critical to application performance.

The traditional three tier switching model of Access, Distribution and Core was conceived by Cisco in the days where data thus traffic flowed vertically to a single point, gathering speed on the way.  100Mbp/s access to GbE uplinks aggregated on 10GbE switches at the core, these in turn fed big fat application specific hosts with GbE network adaptors pushing and pulling very similar data types – mostly all fat clients.

The world is now flat….. Well, its getting flatter by the day.  Applications will no longer live in private data centres; Enterprises will use a mix of SaaS and Private Cloud solutions to meet tomorrow’s demands.  Virtualisation will allow business to turn up and down IT resources to meet with demand.  This has a huge effect on your network infrastructure.

To add to your woes, your staff are using more and more Social Applications, not just Facebook and YouTube but Google Apps, Internet chat and Blogging are all seeing a huge increase within the Enterprise.

So what do I do?

The concern with the traditional model is latency – forcing packets to stop at every layer.  Enterprises should build networks with a distribution layer of 10 GbE switches that is flattened out, becoming the communication link between servers with as few hops as possible, thus killing network latency.

Leaf-spine topology for computing network architecture

Some describe this two-layer switching method as leaf-spine switching topology or, similarly, a fat-tree switching topology.  In this scenario, servers are connected to leaf switches, which are then connected to a broad web of spine switches that provide interconnected bandwidth between leafs and spines.

This fabric of switches, which includes as many ports as possible, allows equal bandwidth access to every connection, enabling non-blocked movement data in an any-to-any server environment. Cloud leaf fabric controls the flow of traffic between servers, while the spine switching fabric moves traffic between nodes bi-directionally.

Very little is static in a cloud environment. Instances of servers and networks are provisioned at the drop of a hat.  To this end, the network architect must seek out a partner that understands the end-to-end solution from Application to User.  Varidion are a next generation service provider that builds and operates fully managed Infrastructure as a service that allows Enterprises to focus on the business elements of IT and not the technology end.

Remember – The network is the Computer!

Filed under Application Enabled Networks, Cloud Networking, SaaS Tagged with , , , ,

2010 Security Threats…. Adobe, Twitter and HTML

December 29, 2009 by varidion Leave a Comment

McAfee predict that Adobe, Facebook and Twitter will be the top hacks for 2010.  Amongst its other predictions, it also sees the emergence of a new vehicle for attacks in the form of HTML 5, an update to the Web markup language that will support delivery of online video and allow Web applications to run offline.

HTML 5 will blur the line between desktop and online applications. This, along with the release of Google Chrome OS, will create another opportunity for malware writers to prey on users,” McAfee said.

As the browser becomes an integrated part of the desktop and its communication language can access local resources, security devices such as firewalls and Intrusion Detection Systems will be ineffective against these threats in 2010.

Speak to Varidion today about implementing a Next Generation Firewall, that understands these applications and can prevent your data leaving from under your nose.

Read the full report.

Filed under Managed Security, Social Enterprise Tagged with , , ,

Stephen Fry Explains Web2.0

December 8, 2009 by varidion Leave a Comment

Many people ask, what is Web 2.0?  I found this basic but good overview from none other than Stephen Fry

Filed under Social Enterprise Tagged with , , ,

Confidential Data – Leaving via an IPS near you…

December 8, 2009 by varidion Leave a Comment

One of the biggest information security news items over the past Year is the leaking of confidential or sensitive data by specific applications.  Ironically, the applications that facilitated these breaches were specifically forbidden, but because these programs masquerade as valid applications or hide within SSL encryption, traditional network security and IPS appliances are oblivious to the breaches.

With today’s dynamic applications, a next generation of network security device is required;

  • One that can identify the applications in use, even when they are trying to hide.
  • One that can identify who has these applications, either through choice or via malware infection.
  • One that will control what’s entering and leaving your network, even if it’s encrypted inside SSL.

And until recently you needed to add another point solution or applicance to protect your network.

Next Generation Firewall vendor, Palo Alto Networks, has grasped the nettle and created a Multi-Gigabit Firewall that can identify, control and report on over 1000 applications right down to a user level and even if shrouded in encryption.  Refreshingly, implementing a Palo Alto Next Generation Firewall from Varidion will reduce your appliance sprawl as this single device delivers URL control; Spam filtering; Remote Access (IPSEC and SSL) and Malware detection all for less than £1,000 per month.

Can you afford not to implement one?  Call us today..

Filed under Managed Security, Social Enterprise Tagged with , , ,

File Sharing – Not Just a Geek Problem

December 5, 2009 by varidion Leave a Comment

An alarming trend has been indentified by our Partner, Palo Alto Networks, in their Applications Usage and Risks Report:  browser based file sharing has overtaken the use of client specific Peer 2 Peer applications for the first time.P2P -v- Browser

So what?

Well its simple, if today you detect and remove the use of file-sharing software within your business by managing and removing applications loaded onto your PCs, then this method is now redundant.  That is, unless you plan to remove browsers from your PCs?

Browser-based file sharing applications are a direct avenue for the transfer of confidential data and allows user download of infected files and malware-infested advertising.

The remedy is simple; you need to identify and control your applications at the network layer.  By their very nature, P2P, Malware and many Web2.0 applications masquerade as valid web and SSL traffic by hiding within their ports and protocols.  So unless your firewall can identify these rogue applications you have no way of controlling them.  Can your firewall distinguish between valid http and file-sharing http?

At Varidion, our Next Generation Firewall can identify and classify some 900 applications so control and protection is simple.  If you still managing by port & protocol speak to us about a free trial of our service, we will even give you a report outlining all the applications in use on your network.  I guarantee we’ll find something you don’t like!

Filed under Social Enterprise Tagged with , , , , ,

Twitter outpaces IM in the Social Enterprise

November 10, 2009 by varidion 1 Comment

In a recent application survey of 200 Enterprises it was found that Twitter was used in 89% of companies monitored, up from 35% in Spring 2009, making it more popular than Instant Messenger.  Amazingly the 250% increment of Twitter resulted in a 775% increase on bandwidth. social_networking The march of Social Networking applications into the Enterprise continues, with Facebook use increased by 192% and Google Apps was found in use at 82% of companies monitored. The facts are simple, you can’t stop the march of the Social Enterprise, your Employees will use these next generation Web 2.0 applications to do their job so best you learn how to manage & control these.  However, there’s the rub, most technologies today can only turn these applications Off or On so restricting access to the good along with the bad.  At Varidion with our Partner Palo Alto Networks we have created a managed security service that allows businesses to fully embrace all the benefits of the Social Enterprise with piece of mind these applications are being used for the right reason.   Call Varidion today to discuss our Managed Security Services.

Filed under Managed Security, Social Enterprise Tagged with , , , ,

Customer complaints on Facebook – Who cares? Retailers Must!

November 3, 2009 by varidion Leave a Comment

Today the consumer is more likely to air their grievances on social networking sites such as Facebook, Twitter and their Blogs before making an actual complaint to the retailer, but only the Web 2.0 savvy retailers are listening.

According to Brand Reputation, over 80% of surveyed consumers are more likely to look for online reviews than 12 months ago, but crucially they are five times more likely to tell friends and post negative feedback.

Brand Reputations CEO said, “When this trend occurs via the Web, these numbers quickly multiply and could spell disaster for retailers who don’t have strategies in place.”

It’s critical a retailer embraces Social Media, the Net-Generation consumer doesn’t read Which, they take peer review and negative feedback as their key litmus test.  So while the Retailers website has become its shop front, Social Media will be become its marketing media, but unless managed and controlled it could prove fatal.

Filed under Managed Security, Social Enterprise Tagged with , , , , ,

Banning access to Social Networking from the corporate network is futile

October 22, 2009 by varidion 2 Comments

Monday at Gartner Symposium in Florida, Carol Rozwell, of Gartner gave some wise words:

“Banning access to social media from the corporate network is futile.”

Carol is correct, we can’t stop social networking, you only have to look at the largest firewall installed, China!   They have failed to manage the flow of incoming information via Web 2.0 sites.  Today’s world we live in is digitally enabled and socially connected.  Moreover, the enterprise cannot protect its self from everything, they must learn to balance risk and performance, cloud and software as a service has great value, but they will introduce a change in how technology is managed and controlled.  Web 2.0, SaaS and Internet based social networking applications to carry real threats to corporations and must be managed effectively with today’s tools that understand these tools…

Filed under Managed Security, Social Enterprise Tagged with , , , , ,

Statefull Inspection Swiss Cheese – What’s the Point of your Firewall?

October 20, 2009 by varidion 1 Comment

swiss_cheese

Todays Firewalls

I’m sorry to tell you, its got more holes than a Swiss Cheese! Don’t be alarmed…..      most have.

Why?   They’re just simply out of date….

Basically today’s Web 2.0 applications have technology leapfrogged your security infrastructure, so while you diligently close ports and protocols these Net Generation applications choose another port, or better still masquerade as a valid protocol such as HTTPS so your firewall hasn’t a clue. Worried? You should be.

To restore the firewall as the core of your security infrastructure you need to look deeper into the traffic that’s flowing through it, something yesterday’s firewalls simply don’t and can’t do, that was until Nir Zuk one of the inventors of Statefull Inspection Technology headed back to the drawing board…. The outcome, a truly application aware security device that can accurately identify and classify over 900 of the today’s most dynamic applications irrespective of port, protocol but crucially evasion tactic. So finally the Enterprise can adopt Web 2.0 collaboration tools with the piece of mind they can actually control them.

Today, many Enterprises block applications such as Webex, LogMeIn, Yoics and P2P applications for very obvious reasons, again I have bad news, they are in use, you just can’t see them as they look just like valid http and http/s traffic. The facts are stark, in a recent application usage report of 60 large enterprises representing the behavior of 900,000 users, Peer 2 Peer applications were found in 92% of the enterprises, and web based file sharing in 72% of the companies and guess what; 100% had Firewalls and a further 82% had additional devices such as a Proxy, URL filter or an IPS.

Now that’s a great investment! Upgrade your business today speak to Varidion about an application aware network.

Filed under Managed Security, Social Enterprise Tagged with , , , , , , ,

Older posts