For Deeper Network Security Look Beyond the Obvious

Next-generation firewalls (NGFW) have taken the world by storm, revolutionizing the network security industry as we know it. Traditional firewalls that focus on stateful packet inspection and access control rules simply do not cut it in today’s advanced threat environment. Once considered cutting-edge, today organizations of all sizes have come to expect basic features like site-to-site VPN, secure remote access and flexible deployment be included at little or no additional cost. Next-gen firewalls build on their predecessors by adding additional layers of protection. In addition to traditional firewall features, today’s NGFW include a tightly integrated intrusion prevention system (IPS), the ability to decrypt and inspect SSL sessions in real-time, and the ability to visualize and control application traffic as it crosses the network. Looking at this industry shift towards more robust security technology, it becomes evident that the NGFW market has matured. Dozens of vendors offer these solutions; however, organizations should be aware that not all NGFWs are equal.

Today’s advanced attacks require sophisticated security technology to stop cyber-criminals in their tracks. Modern threats employ several complex techniques to avoid detection as they quietly sneak into corporate networks to steal intellectual property. These threats are often encoded using multifarious complicated algorithms to evade detection by intrusion prevention systems. Once the target has been exploited the threat will attempt to download and install malware onto the compromised system. In many instances, the malware used is a newly evolved variant which traditional anti-virus does not yet know about. All the while, the advanced attack relies on SSL encryption to hide malware being downloaded or disguise command and control traffic being sent from half way around the world. In order to effectively combat these emerging threats, organizations need deeper network security including: an IPS with advanced anti-evasion capabilities, the ability to decrypt and inspect every SSL encrypted connection crossing the network (on any port), and network-based malware protection that leverages the power of the cloud.

SSL Decryption and Inspection is arguably the single most important feature in providing deeper network security. According to recently released research by NSS Labs as much as 35% of corporate network traffic is encrypted using SSL. Organizations which are not decrypting and inspecting SSL traffic effectively provide attackers with a 1 in 3 chance of successfully compromising the network. In order to effectively combat these sophisticated attacks, organizations need the ability to inspect all traffic on any port, regardless of whether that traffic is SSL encrypted or not. One of the challenges however is that most NGFWs available today offer dismal performance when decrypting and inspecting SSL traffic. Dell SonicWALL NGFWs offer best-in-class scalability and performance for SSL Decryption and Inspection.

In addition to hiding their attacks using SSL, cybercriminals often try to circumvent the IPS by encoded advanced attacks using multiple complex algorithms to evade detection. Dell SonicWALL offers cutting edge IPS threat protection capable of defeating sophisticated evasion and obfuscation techniques to provide deeper network security to an organization.   

This week we are kicking off a campaign that focuses on the critical areas that Dell SonicWALL next-generation firewalls (NGFWs) which deliver a deeper level of network security without compromising performance. Check out our latest whitepaper: Achieve deeper network security here.

About the Author: Patrick Sweeney