Jan 27, 2012
Real-time, deep-packet inspection of network traffic improves security
The information technology administrator or security officer of a company needs to be able to identify the applications coming into the company’s network, he says.
“We look at the special characteristics of data streams and, based on these, we can determine that the traffic is LinkedIn, Facebook, Facebook Farmville gaming, or Skype, beside others. Our library has a database of 3 800 applications that we can identify and it is growing continuously,” he explains.
All incoming traffic should be scanned and filtered, as is the case with classic Unified Threat Management Solutions (intrusion prevention services, gateway antivirus and antispyware). However, there is a growing need to scan the traffic from specific applications in detail, owing to emerging security threats. This means scanning streaming media, such as Skype, YouTube and Voice-over-Internet Protocols (VoIPs). Also, when companies are using cloud applications, it is critical to ensure a secure network environment, he says.
“This must happen in real time, as the information is streamed. We have developed our own patented technology, called Reassembly-Free Deep Packet Inspection (RFDPI), to scan network traffic. This engine gives us the ability to scan up to 56 different protocols, including secure hypertext transfer protocol and other secure traffic,” he notes.
“One of the things we do is to look for anomalies in the packets. For example, session initiation protocol and VoIP have distinguishing characteristics. We also use our own intelligence database to identify potential threats coming into the network through, for example, VoIP, and we define the patterns that the engine can recognise in the VoIP traffic coming into companies,” explains Honnay.
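As a general illustration of scanning traffic as it streams, without buffering and reassembling payloads first, the following added example (not SonicWall's RFDPI code, whose internals the article does not describe) runs a multi-pattern Aho-Corasick matcher whose only per-flow memory is a single state number carried from packet to packet. The signature names, patterns and packets are constructed samples, and in-order delivery of payloads is assumed.

```python
from collections import deque

class StreamMatcher:
    """Aho-Corasick automaton; the only per-flow memory is one state number."""
    def __init__(self, signatures):
        self.goto, self.fail, self.out = [{}], [0], [set()]
        for name, pattern in signatures.items():
            s = 0
            for b in pattern:
                if b not in self.goto[s]:
                    self.goto.append({})
                    self.fail.append(0)
                    self.out.append(set())
                    self.goto[s][b] = len(self.goto) - 1
                s = self.goto[s][b]
            self.out[s].add(name)
        queue = deque(self.goto[0].values())   # breadth-first: set failure links
        while queue:
            s = queue.popleft()
            for b, t in self.goto[s].items():
                f = self.fail[s]
                while f and b not in self.goto[f]:
                    f = self.fail[f]
                self.fail[t] = self.goto[f].get(b, 0)
                self.out[t] |= self.out[self.fail[t]]
                queue.append(t)

    def feed(self, state, payload):
        """Scan one packet payload; return (state to carry forward, names matched)."""
        hits = set()
        for b in payload:
            while state and b not in self.goto[state]:
                state = self.fail[state]
            state = self.goto[state].get(b, 0)
            hits |= self.out[state]
        return state, hits

def scan_flow(matcher, packets, carry_state=True):
    """Scan payloads in arrival order; each payload is dropped after feed()."""
    state, found = 0, set()
    for payload in packets:
        state, hits = matcher.feed(state if carry_state else 0, payload)
        found |= hits
    return found

# Constructed sample signatures and packets (not real vendor signatures).
SIGNATURES = {"sip-invite": b"INVITE sip:", "demo-marker": b"X-Demo-Marker"}
PACKETS = [b"INV", b"ITE sip:alice@example.test SIP/2.0\r\nX-Demo-", b"Marker: 1\r\n"]

if __name__ == "__main__":
    m = StreamMatcher(SIGNATURES)
    print("state carried:", sorted(scan_flow(m, PACKETS)))
    print("state reset per packet:", sorted(scan_flow(m, PACKETS, carry_state=False)))
```

Both constructed signatures straddle a packet boundary, so they are found only when the state is carried forward; resetting the state for every packet finds neither.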
Companies traditionally focus on securing and filtering information coming from outside into the networks. However, in larger, more open environments, such as in large corporate companies and universities, it is also important to subsegment the internal network in different virtual or physical areas and conduct scans and filtering for internal traffic on the network, he notes.
Meanwhile, given that some employees must be able to access different sites, such as Facebook or LinkedIn, to establish and maintain client relationships, simply blocking access to sites is not the most effective method of dealing with the emerging security threats in the workplace.
Rules for bandwidth prioritisation can be set up to manage the performance of a company’s network because there will always be a greater demand for bandwidth than is available, he adds.
“From a secure remote access point of view, we also must be able to identify which users are accessing our networks, using which applications and what devices. Is the device known to the company, is it a private device, does it have the correct firewall settings and is its antivirus program up to date?”
Employees and managers need to be able to connect to work networks using any device at hand and the critical measure is how companies control this development, states Honnay.
The mechanisms to manage device connectivity mostly have to do with the internal environment, which means that the user must register and authenticate the device on the active directory database, including his or her position in, or relationship with, the company, for example, a consultant.
“Secondly, we have to check the device he or she is using and whether it is a managed or unmanaged device. Can the information technology (IT) manager configure or see the security settings?”
SonicWall’s Secure Remote Access Platforms can check to see if devices are secure and can prevent flooding, which is mass traffic sent to bring down a server or network.
“We can define, for instance, when a person wants to connect with a device that does not meet the company’s security policy; they can only access browser-based applications, and will only be granted full access to the internal network if the user has taken action to secure his device,” he says.
The challenge, if a company wants to effectively secure traffic on its network, is to be able to scan at wire speeds.
“If you cannot scan at 1 Gbit/s, 5 Gbit/s, 40 Gbit/s or higher, you are securing the environment at the cost of performance. There must be a balance between connectivity, security and performance.
“We have RFDPI appliances capable of handling 10 Gbit/s and can combine four boxes to enable 40 Gbit/s scanning. We plan to increase this capacity in 2012.”
Meanwhile, SonicWall has identified a potential growth market in South Africa in line with developments in the US and Europe, where smaller companies that are unable to afford skilled or permanent IT security personnel are outsourcing the perimeter security of their networks to specialist companies.
“This is a change in the market that will probably come to South Africa as well,” concludes Honnay.
Edited by: Martin Zhuwakinyu