The new perimeter

CSOs are mixing an assortment of technologies, approaches and policies to shore up defenses on the changing corporate boundary

By Elisabeth Horwitt, CSO |  Security

July 09, 2012, 2:17 PM Back in 2008, guarding Motorola's perimeter was a lot simpler than it is today, recalls Paul Carugati, the
company's information security architect. "It was OK to just open up [firewall] port 480 [to network traffic],
because we knew that everything that ran over it was HTTP," he says.

But with the rapid growth of Web 2.0 applications, e-commerce environments and cloud services, he adds, "in
2010, that wasn't so true; in 2011, it wasn't true at all."

Management was continually questioning Carugati about the risk exposure related to a critical service or a
social media environment, and the possibility of infiltration of the company's data through social media.
Motorola's then-current firewall technology could trace users' IP addresses, but it could not track applications
and so was unable to monitor which ones were exposed.

[Also read The 7
deadly sins of network security]

To address the issue, Motorola's security department added a next-generation firewall
(NGFW) to its perimeter defense mix. In addition to traditional Level 3 and 4 firewall security, the platform
can track outgoing and incoming traffic at the application level. This has brought huge gains in visibility,
control and enforcement, Carugati reports. Now, it's clear "which apps are flowing through that egress environment,
including apps we thought we weren't allowing outbound and ones we didn't know about," he says.

That visibility enables the security team to enforce far more granular security policies at the application
level, rather than at the network protocol and port levels. Furthermore, management can now draw a far more
accurate picture of the company's social network presence and interactions, for risk assessment and compliance with
regulations such
as PCI DSS, Carugati says.

NGFWs are just one way in which companies are revamping their defenses in response to new threat vectors that
have grown out of businesses' growing use of and dependency on Web applications, social media, cloud computing,
virtualization, wireless networks and mobile devices. These technologies continue to change the fundamental nature
of business computing and communications.


Originally published on CSO |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

White Paper

Controlling the Cost of File Transfers

Webcast On Demand

MFT and FileXpress - An Overview

Sponsor: Attachmate

White Paper

Secure Data Streaming with Attachmate FileXpress

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

How do you enter DFU mode on an iPhone 4?
0 answers
Why are people freaking out about people taking photos with Google Glass?
0 answers
How much better is VP9 than VP8?
1 answer
More questions
Ask a Question