HP ProCurve Threat Management Solution Design Guide 2009-04

Customer Needs
Because nearly every company has an Internet connection, its network is opened up to
potentially millions of users throughout the world. If even a small percentage of those users
choose to launch attacks, they will cause considerable damage. For this reason, traditional
security solutions focus on technologies such as firewalls that control traffic crossing the
border between the public Internet and the private network.
Such traditional security solutions are no longer able to secure the network as effectively as
they once did because network perimeters are blurring. Employees are mobile, requiring both
wireless and wired access and access from different locations: on site at corporate offices,
from home, and on the road. The network edge can no longer be characterized in the traditional
sense, with a clearly defined border between an internal trusted network and an untrusted
public network such as the Internet.
Companies are also opening up their network to support different types of users. Temporary
employees, partners, and guest users all want some type of network access, and companies
must provide this limited access while protecting the rest of the network, including confidential
information (such as customers’ personal or credit card information).
Complicating things further, today’s threats are much more complex and are therefore more
difficult to detect and neutralize. Malware attacks such as worms, viruses, Trojans, and
spyware are evolving so rapidly that they are outpacing traditional security systems.
Securing the network has never been more difficult or more crucial to companies’ success.
Companies must safeguard confidential information not only to protect their customers but
also to avoid damaging their reputation and facing lawsuits. Most countries have
enacted laws that hold companies responsible for protecting confidential information. For
example, national regulations include the U.S. Sarbanes-Oxley (SOX) Act, Canada’s Personal
Information Protection and Electronic Documents Act (PIPEDA), Germany’s Federal Data
Protection Act, and Australia’s Privacy Act of 1988.
Internal Threats
With the composition of today’s networks, threats are frequently launched inside the internal
network. Every internal endpoint poses a potential threat. Many of these threats are
inadvertently introduced by employees who have not adequately protected their endpoints from
viruses, worms, and other malware. And unfortunately, a few users deliberately abuse their
network rights to launch attacks.
To protect against these internal threats, companies must implement additional layers of
security to filter and control internal traffic. For example, they might want to implement a
security solution that can detect and block malware and other attacks that are launched on the
internal network. They might also want to separate their networks into different logical areas,
or zones, and apply different security policies to each zone. They could then enforce tighter
security measures for zones that encompass confidential data and employees who have rights
to this data, and implement more relaxed security measures for zones that encompass visitors
who have rights only to browse the Internet. If companies could set up such zones on their
internal network, they could also control what type of traffic can be transmitted between zones.