R/€ = 15.01Change: 0.01
R/$ = 14.13Change: 0.01
Au 1072.50 $/ozChange: 0.45
Pt 848.50 $/ozChange: 3.00
Note: Search is limited to the most recent 250 articles. Set date range to access earlier articles.
Where? With... When?

And must exclude these words...
Close Main Search
Close Main Login
My Profile News Alerts Newsletters Logout Close Main Profile
Agriculture   Automotive   Chemicals   Competition Policy   Construction   Defence   Economy   Electricity   Energy   Environment   ICT   Metals   Mining   Science and Technology   Services   Trade   Transport & Logistics   Water  
What's On Press Office Tenders Suppliers Directory Research Jobs Announcements Letters About Us
RSS Feed
Article   Comments   Other News   Research   Magazine  
Jan 27, 2012

Real-time, deep-packet inspection of network traffic improves security

© Reuse this

The real-time, deep-layer inspection of inbound, outbound and internal network traffic enables companies to improve the security of their information and also to secure information accessed remotely by different devices, says firewall supplier SonicWall director of emerging markets and Europe, Middle East and Africa distributors Dominique Honnay.

The information technology administrator or security officer of a company needs to be able to identify the applications coming into the company’s network, he says.

“We look at the special characteristics of data streams and, based on these, we can determine that the traffic is LinkedIn, Facebook, Facebook Farmville gaming, or Skype, beside others. Our library has a database of 3 800 applications that we can identify and it is growing continuously,” he explains.

All incoming traffic should be scanned and filtered, as is the case with classic Unified Threat Management Solutions (intrusion prevention services, gateway antivirus and antispyware). However, there is a growing need to scan the traffic from specific applications in detail, owing to emerging security threats. This means scanning streaming media, such as Skype, YouTube and Voice-over-Internet Protocols (VoIPs). Also, when companies are using cloud applications, it is critical to ensure a secure network envi- ronment, he says.

“This must happen in real time, as the information is streamed. We have developed our own patented technology, called Reassembly-Free Deep Packet Inspection (RFDPI), to scan network traffic. This engine gives us the ability to scan up to 56 different protocols, including secure hypertext trans- fer protocol and other secure traffic,” he notes.

“One of the things we do is to look for anomalies in the packets. For example, session initiation protocol and VoIP have distinguishing characteristics. We also use our own intelligence database to identify potential threats coming into the network through, for example, VoIP, and we define the patterns that the engine can recognise in the VoIP traffic coming into companies,” explains Honnay.

Companies traditionally focus on securing and filtering information coming from outside into the networks. However, in larger, more open environments, such as in large corporate companies and universi- ties, it is also important to subsegment the internal network in different virtual or physical areas and conduct scans and filtering for internal traffic on the network, he notes.

Meanwhile, given that some employees must be able to access different sites, such as Facebook or LinkedIn, to establish and maintain client relationships, simply blocking access to sites is not the most effective method of dealing with the emerging security threats in the workplace.

Rules for bandwidth prioritisation can be set up to manage the performance of a company’s network because there will always be a greater demand for bandwidth than is available, he adds.

“From a secure remote access point of view, we also must be able to identify which users are accessing our networks, using which applications and what devices. Is the device known to the company, is it a private device, does it have the correct firewall settings and is its antivirus program up to date?”

Employees and managers need to be able to connect to work networks using any device at hand and the critical measure is how companies control this development, states Honnay.

The mechanisms to manage device connectivity mostly have to do with the internal environment, which means that the user must register and authenticate the device on the active directory database, including his or her position in, or relationship with, the company, for example, a consultant.

“Secondly, we have to check the device he or she is using and whether it is a managed or unmanaged device. Can the information technology (IT) manager configure or see the security settings?”

SonicWall’s Secure Remote Access Platforms can check to see if devices are secure and can prevent flooding, which is mass traffic sent to bring down a server or network.

“We can define, for instance, when a person wants to connect with a device that does not meet the company’s security policy; they can only access browser-based applications, and will only be granted full access to the internal network if the user has taken action to secure his device,” he says.

The challenge, if a company wants to effectively secure traffic on its network, is to be able to scan at wire speeds.

“If you cannot scan at 1 Gbit/s, 5 Gbit/s, 40 Gbit/s or higher, you are securing the environment at the cost of performance. There must be a balance between connec- tivity, security and performance.

“We have RFDPI appliances capable of handling 10 Gbit/s and can combine four boxes to enable 40 Gbit/s scanning. We plan to increase this capacity in 2012.”

Meanwhile, SonicWall has identified a potential growth market in South Africa in line with developments in the US and Europe, where smaller companies that are unable to afford skilled or permanent IT security personnel are outsourcing the perimeter security of their networks to specialist companies.

“This is a change in the market that will probably come to South Africa as well,” concludes Honnay.

Edited by: Martin Zhuwakinyu
Creamer Media Senior Deputy Editor
© Reuse this Comment Guidelines (150 word limit)
Other ICT News
Nigeria's communications ministry said on Wednesday that it is up to President Muhammadu Buhari to decide "in which direction to go" with a $5.2-billion fine on mobile phone company MTN after it asked for leniency. "The (Communications) minister (Adebayo Shittu) said...
Trade and Industry Minister Dr Rob Davies expects the growth potential of the local business process outsourcing (BPO) industry to continue increasing over the next five years, particularly in contact centre, shared services centre and legal process outsourcing. He...
Telecommunications giant Vodacom and converged network operator Neotel have two weeks to decide whether the proposed merger between the two companies would continue in an “amended” form or be abandoned altogether. Following an eleventh-hour postponement of the...
Article contains comments
Latest News
Labour Minister Mildred Oliphant
The National Economic Development and Labour Council's (Nedlac's) consideration of the modalities of the introduction of a national minimum wage could be completed next year, Labour Minister Mildred Oliphant said on Wednesday. Addressing Cosatu delegates at the...
JSE-listed Vukile Property Fund’s distributions for the six months ended September 30, increased by 7%, in line with guidance.   Vukile boosted its distributable income by 27.7% year-on-year to R426.3-million and grew like-for-like net property revenue by 6.1%.   CEO...
Goldman Sachs International MD Colin Coleman
South Africa can score quick wins with the right focus, Goldman Sachs Sub-Saharan Africa investment banking head Colin Coleman said on Wednesday. At a presentation at the Gordon Institute of Business Science (GIBS) attended by Creamer Media’s Mining Weekly Online,...
Recent Research Reports
Water 2015: A review of South Africa's water sector (PDF Report)
Creamer Media’s Water 2015 Report considers the aforementioned issues, not only in the South African context but also in the African and global context in terms of supply and demand, water stress and insecurity, and access to water and sanitation, besides others.
Input Sector Review: Pumps 2015 (PDF Report)
Creamer Media’s 2015 Input Sector Review on Pumps provides an overview of South Africa’s pumps industry with particular focus on pump manufacture and supply, aftermarket services, marketing strategies, local and export demand, imports, sector support, investment...
Liquid Fuels 2015: A review of South Africa's liquid fuels sector (PDF Report)
Creamer Media’s Liquid Fuels 2015 Report examines these issues in the context of South Africa’s business environment; oil and gas exploration; fuel pricing; the development of the country’s biofuels industry; the logistics of transporting liquid fuels; and...
Road and Rail 2015: A review of South Africa's road and rail sectors (PDF Report)
Creamer Media’s Road and Rail 2015 report examines South Africa’s road and rail transport system, with particular focus on the size and state of the country’s road and rail infrastructure and network, the funding and maintenance of these respective networks, and...
Defence 2015: A review of South Africa's defence sector (PDF Report)
Creamer Media’s Coal 2015 report examines South Africa’s coal industry with regards to the business environment, the key participants in the sector, local demand, export sales and coal logistics, projects being undertaken by the large and smaller participants in the...
Real Economy Year Book 2015 (PDF Report)
There are very few beacons of hope on South Africa’s economic horizon. Economic growth is weak, unemployment is rising, electricity supply is insufficient to meet demand and/or spur growth, with poor prospects for many of the commodities mined and exported. However,...
This Week's Magazine
Additive manufacturing, better known as 3D printing, has the potential to completely change the relationships between individual consumers, professional designers and manufacturers. So argued Loughborough University Reader in Computer Aided Product Design Dr Ian...
Airbus Defence and Space: Military Aircraft has highlighted that its A330 Multirole Tanker Transport (MRTT) has significant commonalities with the Airbus A330-200 commercial airliner, upon which it is based. The South African Air Force (SAAF) once operated a fleet of...
Financial services provider Nedbank launched the second edition of its Carbon Footprinting Guide earlier this month, which is aimed at demystifying carbon footprint approaches and help readers grasp the main concepts of carbon measuring, monitoring, reporting and...
This year marks the thirtieth anniversary of Caterpillar’s first backhoe loader. This also coincides with the worldwide release of its latest-generation F2 series backhoe loader, which was launched at supply chain services company Barloworld Logistics’ Big Dig Day in...
BARRY DWOLATZKY The CPD programme provides advanced skills required locally, and provides a stepping stone to Wits University’s Master of Engineering degree in software engineering
A shortage of software engineers is leading to fewer information technology (IT) projects in private and public sector organisations. This also places a dampener on the economy, as IT is an integral part of business and civil service, says University of Witwatersrand...
Alert Close
Embed Code Close
Research Reports Close
Research Reports are a product of the
Research Channel Africa. Reports can be bought individually or you can gain full access to all reports as part of a Research Channel Africa subscription.
Find Out More Buy Report
Engineering News
Completely Re-Engineered
Experience it now. Click here
*website to launch in a few weeks
Subscribe Now for $96 Close
Subscribe Now for $96