Story image

Application security: Extending the reach of your firewall

26 Jul 16

Apps. Everyone has plenty. On their smart phones. On their laptops. On their workstations. By 2020, market analysts predict that globally each person will own 26 IP-enabled devices including up to 50 billion IoT devices.

That, of course, includes your staff, guests, their families and, unfortunately, cyber-criminals. And each and every one of those apps represents a possible vector for malware infection.

The challenge is clear: you need to be able to control which devices and users can access your corporate network and which apps they can use to make the connection. “Secure access has to extend beyond the traditional firewall,” says Andrew Khan, Fortinet Senior Business Manager at Ingram Micro, New Zealand’s largest distributor of Fortinet’s cyber security solutions. “Secure access today is about allowing any device, in any location and at any time to have access to pre-determined sets of data, or to perform specific transactions, based on policy and context.”

Automated security policies

“In such a dynamic environment,” he continues, “it is essential that your network and security infrastructure can automatically profile, classify, monitor and block devices and applications the moment they touch the network. And this policy needs to follow this traffic as it moves across, or even in and out of the network. And this is as essential for mid-sized businesses as for large enterprises.”

What has changed is that application traffic is now pervasive. “Just as the number of apps and devices have grown exponentially,” notes Khan, “the volume of application and transactional traffic has taken off as well. While much of this traffic passes through the traditional perimeter, that border is becoming increasingly porous. At the same time, application traffic is flowing laterally across the network. And unless that traffic is rerouted through the firewall, it is largely not being inspected.”

Thousands of apps? Thousands of threats!

Personal devices now run thousands of apps, many of which are prone to infection. Web applications have become routine and are available in the tens of thousands. And cloud-based applications are being used prolifically by organisations - oftentimes without the knowledge of the company - in a trend that has been dubbed ‘Shadow IT’. Increasingly, firewall deployments simply don’t provide enough coverage for today’s web application threat landscape.

Which means that secure access needs to go beyond just traditional perimeter control. In a borderless network, connectivity can happen anywhere, so secure access needs to be pervasive. Networks and data stacks need to be intelligently segmented to contain threats and control access. Security needs to follow data as it moves laterally and horizontally across the network. And security needs to function as an integrated system in order to identify advanced threats hunting across the network for data to hijack or systems to exploit.

Simplicity: the best policy

All of this is a lot to take on, but it has to be done if you want to keep your staff, data and networks secure. “Fortinet doesn’t believe that the answer to an increasingly complex challenge is more complexity,” says Khan. “You can only keep so many balls in the air at the same time before you start dropping them. The best answer to complexity, ironically, is simplicity.”

Fortinet provides an entire suite of application security tools, all designed them to work together as an integrated and collaborative solution. These different, purpose-built technologies share a common operating system framework, share local and global threat intelligence, can be managed and orchestrated through a single management console, and can automatically coordinate a response to an identified threat anywhere across the entire distributed network environment, from IoT to mobile devices to the cloud.

This approach not only dramatically reduces the complexity of managing and orchestrating an effective application security strategy, but also introduces a level of sophisticated visibility and granular control that has never been available before.

So, when considering how to best combat the escalating challenge of protecting your application infrastructure. also consider that sometimes the cure can be worse than the disease. Overwhelming your security and IT staff isn’t really a strategy. An integrated security architecture, however, is.

For further information, please contact:

Andrew Khan, Senior Business Manager
Email: andrew.khan@ingrammicro.com
M: 021 819 793

David Hills, Solutions Architect
Email: david.hills@ingrammicro.com
M: 021 245 0437

Hugo Hutchinson, Business Development Manager
Email: hugo.hutchinson@ingrammicro.com
P: 09-414-0261 | M: 021-245-8276

Marc Brunzel, Business Development Manager
Email: marc.brunzel@ingrammicro.com 
M: 021 241 6946

How blockchain will impact NZ’s economy
Distributed ledgers and blockchain are anticipated to provide a positive uplift to New Zealand’s economy.
25% of malicious emails still make it through to recipients
Popular email security programmes may fail to detect as much as 25% of all emails with malicious or dangerous attachments, a study from Mimecast says.
Human value must be put back in marketing - report
“Digital is now so widely adopted that its novelty has worn off. In their attempt to declutter, people are being more selective about which products and services they incorporate into their daily lives."
Wine firm uses AR to tell its story right on the bottle
A Central Otago wine company is using augmented reality (AR) and a ‘digital first’ strategy to change the way it builds its brand and engages with customers.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
Protecting organisations against internal fraud
Most companies tend to take a basic approach that focuses on numbers and compliance, without much room for grey areas or negotiation.
Telesmart to deliver Cloud Calling for Microsoft Teams
The integration will allow Telesmart’s Cloud Calling for Microsoft Teams to natively enable external voice connectivity from within Teams collaborative workflow environment.
Jade Software & Ambit take chatbots to next level of AI
“Conversation Agents present a huge opportunity to increase customer and employee engagement in a cost-effective manner."