IT administrators have plenty of perimeter security tools at their disposal, from firewalls to spam filters to intrusion detection solutions. But despite all the preventative measures, most organizations still have gaps in their security controls or processes, which could lead to cracks in their system. A coordinated attack from an outside threat could penetrate these seemingly thick walls of perimeter security due to poor security management and overlooked system vulnerabilities.
Securing a network’s perimeter, defined as the demarcation point for exchanges among data, assets, employees, and partners, is a struggle for many organizations because of its complexity. IT departments can be easily overwhelmed by operating a complete perimeter security system because individual solutions are often stitched together, and therefore require multiple management controls, protocols, and licenses.
Companies with fewer than 2,000 users experience the most significant challenges, because the laundry list of best practices that includes firewalls, VPNs, web and mail proxies, and intrusion prevention systems (IPSs) is typically expensive and arduous. In response to individual threats, the piecemeal approach of perimeter security is often deployed over many years.
The threats don’t stop, and with infrastructure constantly under attack, the risk of a breach remains high. Here are three common challenges mid-size businesses are facing with regard to perimeter security, and how organizations are solving them.
What businesses are up against, and how they’re fighting back
Stopping the barrage of attacks
Challenge: Today’s attacks on perimeter security consist of complex and frequent threats, including hacking and cracking attacks; viruses, worms, and malware; and advanced persistent threats (APTs). In the past, attacks targeted a system’s default configurations or improper settings with the intention of defacement or possibly misuse of technology resources. Modern attacks, however, aim to capture valuable content, from financial assets to personnel data.
Solution: Because hackers attack perimeter security from many angles and through a number of methods, organizations need a complete solution offering full protection. Next-generation firewalls (NGFWs) and unified threat management (UTM) platforms are two well-suited solutions that can withstand these attacks, and continually protect an organization’s data and assets. These solutions create a unified perimeter security front, which includes SSL inspection, intrusion detection/prevention, web filtering, application control, anti-spam, virus and malware protection, data loss prevention, and virtual private networking and remote access from site to site.
Effectively managing the perimeter security system
Challenge: Multiple, disparate solutions often ineffectively communicate with each other. Each individual security measure, such as a web filter or firewall, requires independent management and has limited logging capabilities, creating problems for an organization attempting to detect and react to an attack. Managing this diverse ecosystem of security programs stretches the limits of time and money, and can prevent IT departments from mastering the configuration and maintenance of each solution.
Solution: In addition to the benefits created by a unified perimeter security front, an all-encompassing security solution like an NGFW or UTM creates a single management console for software installation and maintenance. Plus, employing just one solution can reduce technical training requirements for IT staff.
Lowering ownership costs
Challenge: Due to lifecycle expansion or acquisition, companies and business units often become geographically diverse with employees, offices, and data centers scattered across numerous locations. However, monetary constraints prevent organizations from placing knowledgeable IT staff at each site. Plus, rising renewal costs for the multitude of perimeter security point solutions can squeeze IT budgets.
Solution: Many of these solutions can be purchased from a wide range of vendors, including Cisco, Fortinet, McAfee, and WatchGuard. By purchasing through a single vendor, however, organizations can lower the associated cost of ownership while gaining visibility, adhering to compliance requirements, and reducing risk to their internal assets.
Protecting the entire business with the right perimeter security
In the past, organizations built up their perimeter security one solution at a time. But the complexity of the system often fails an organization because it grows too large to effectively manage. This challenge, as well as the cost and conservation of the system, often becomes too large for the typical IT staff to handle.
NGFW solutions and threat management systems can maintain a strong perimeter while also automatically tracking and recording potential security breaches. But because no two companies are equal, research is necessary so organizations get the right NGFW or UTM solution that meets their needs.