Unified Threat Management and Identity-Based Security

The Next Level in Network Security

Enterprises address the growing problem of information leakage, intrusions, and other security breaches. IT organizations are now seeking efficient ways to monitor, report and respond to these activities from sources within and outside the enterprise even as the breach takes place.

Thus, Identity-based security solutions can step in here to provide discrete identity information along with network log data. With identity and network data combined, enterprises are able to identify patterns of behavior by specific users or groups that can signify misuse, unauthorized intrusions, or malicious attacks from within or outside the enterprise.

Enterprises, regardless of size, are increasingly realizing that their computer systems are vulnerable to as many security threats from within the company as from outside of it. Outsider threats such as spyware, phishing, and pharming are targeting individual users to steal individual/corporate data whereas “insider threats” arising out of user ignorance facilitate these attacks from within the enterprise. At the same time, insider threats originating from malicious intent is a real threat to enterprise security. Hence, today’s rapidly evolving threat environment, calls for a new security paradigm: Identity-based security integrated within unified threat management (UTM).
 
Changing Role of the User

In any enterprise, the largest security threat lies within the network i.e the user is the weakest security link in the enterprise. Insider threats are changing the nature of network attacks, both external and internal, causing enterprise loss out of ignorance or malicious intent. Unfortunately, and despite the best efforts of network security managers, hackers and criminals are becoming increasingly adept at compromising these networks, as they continuously invent new and more malicious network threats.

Enterprises are identifying an equal number of security incidents that originate from inside their organization as those that originate from outside. At the same time, the costs of unauthorized access and the theft of proprietary information has risen dramatically.

Firewalls and anti-virus alone are not enough to provide comprehensive security to organizations. Unified Threat Management (UTM) appliances are all-in-one security appliances which carry firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management and centralized Reporting as basic features. Cyberoam is a unique UTM solution that offers comprehensive protection while delivering low capital and operating expenses.
 
The Identity-Based UTM Appliance

As Federal and State governments and industrial groups take aggressive steps to mandate that enterprises address the growing problem of information leakage, intrusions, and other security breaches, enterprise IT organizations are now seeking efficient ways to monitor, report and respond to these activities from sources within and outside the enterprise even as the breach takes place.

Thus, Identity-based security solutions can step in here to provide discrete identity information along with network log data. With identity and network data combined, enterprises are able to identify patterns of behavior by specific users or groups that can signify misuse, unauthorized intrusions, or malicious attacks from within or outside the enterprise.

The importance of identity-based security has assumed greater significance with the emergence and rapid rise of unified security in the form of UTM appliances. Blended threats have given rise to the need for multiple security features for comprehensive protection to the enterprise. But the complexity involved in managing multiple security solutions has led to unified security with multiple security features over a single platform. There is growing recognition that identity management is a critical component of security and that UTM solutions are capable of extending their security to encompass user identity.

Benefits of an Identity-Based UTM Appliance

An identity-based UTM appliance that integrates identity data addresses the previously mentioned security issues and commonly provides the following benefits:

  • Protection from external system infections and compromises from outside the firewall due to Trojan horses, viruses, worms, and the like infiltrating the corporate IT system, including spyware, phishing, and pharming, which often occur without the user’s knowledge but usually because of nonbusiness activity such as visiting an online gaming or peer-to-peer media downloading site.
  • Protection from intentional intrusion from within and without by employees, hackers, or professional thieves where the objective is to obtain proprietary, confidential, or competitive information to use against the company’s interests or for financial gain. This has disastrous effects on reporting and compliance rules and regulations.
  • Comprehensive Reporting that tracks identity-based usage, problems, intrusions, and so forth. Any instance of misuse or intrusion has financial consequences for the enterprise, from simple employee productivity to system downtime to compromise or loss of valuable data or information.
  • Identity-based policy creation across all security features based on individual work requirements and network usage pattern.
  • Determining who is accessing what information and when is made possible. Likewise, automated tracking of access and permission rights who granted these rights and when and why they were granted  has become part of the cost of doing business for most organizations worldwide.

Considering Cyberoam

Cyberoam offers a mature, UTM solution with identity-based security, linking user identity to security right from authentication to policy setting, controls, and reporting, offering comprehensive network security to enterprises against internal and external threats. By offering identity-based policy making and visibility across all its security features, Cyberoam allows administrators to create customized user identity-based policies based on the user or department work profile. In addition, it offers instant visibility into "who is accessing what” in the enterprise. In doing so, it enables enterprises to meet compliance requirements in addition to facilitating instant action in case of a security breach even in dynamic IP environments such as DHCP and Wi-Fi. By eliminating IP addresses as intermediate components to identify the user, it offers complete control over environments in which multiple users share computers.

Specific Cyberoam identity-optimized UTM features include the following:

 
With thousands of installations in corporations, government institutions, and educational institutions worldwide, Cyberoam has set the pace for identity-based UTM solutions. For more information visit www.cyberoam.com
 

Comments

©2009 Google