As 2020 started, ransomware and phishing attacks continued to make the news. As we moved into May, it became clear that hackers were taking advantage of online content related to COVID-19 and the newly dispersed workforce. According to CheckPoint Research (qtd. in Dark Reading), 192,000 COVID-19 related attacks were happening per week, with many of them impersonating WHO, the UN and Zoom. Hackers were disguising themselves by using domain names similar to those used by these three entities. When a user clicked one of these links on a web page or in an email, it led to malicious content that could lock up a laptop or cause a malicious executable to run on the device.
These emerging threats, along with the transition to a fully remote workforce, have caused IT teams to re-evaluate their current network security practices and patch any areas of vulnerability. In many cases, businesses and organizations deploy a next-generation firewall at their network gateway, protecting themselves from incoming threats from the Internet. With a system of policies in place, such as advanced web filtering, SSL inspection, and VPN connectivity, network administrators can prevent malicious traffic or users from gaining access to the network in the first place.
However, as times change, so do the tactics of cyber criminals. As the workforce has transitioned to working from home to help curb the spread of the COVID-19 pandemic, the attack landscape has increased tenfold. Attacks have shifted from network infiltration to attacking individuals and devices at the edge: mobile devices, IoT devices, tablets, etc. It is not enough to protect the gateway; consideration must also be given to protecting any other device that connects to the corporate network at any point in time.
Putting Together the Security Puzzle
IT departments have consistently invested in perimeter, or endpoint, protection, but through classic human error, these controls and protections are often undercut. Endpoint security encompasses protecting each and every device at the network edge. Many times, it is the expected laptop, tablet, or mobile device, but endpoint security can also include printers, servers, workstations, or other IoT devices connected to the corporate network. Endpoint security prevents the devices connected to the network from becoming entry points for cybercriminals to take advantage of. Implementing an endpoint security solution ensures that every device has protection as users go about their work on their laptops. As users download files from emails and from web pages, the endpoint security solution will ensure malicious files cannot get onto their laptops and, from there, onto the corporate network.
Many times, businesses try to create piecemeal solutions, combining different security systems to protect their network. This became increasingly clear during the pandemic as businesses rushed to support their employees, creating a puzzle-like infrastructure to fill immediate security gaps. Sometimes, in this fragmented state of network security, notifications, alerts, and visibility can be compromised because these security programs do not work well together.
What are best practices for bringing both together?
Effective security calls for tight coordination and communication between the endpoint and the next-generation firewall at the network gateway. This can be done most effectively with a cloud-based management platform that allows visibility to flow between both security solutions. Using a solution that allows these systems to speak to each other, showcase visibility, and effectively alert network administrators creates a best-in-breed solution.
IT departments can address the security gaps by integrating a next-generation firewall and an endpoint security solution in a way that provides comprehensive, network-wide visibility and protection.
Untangle brings this holistic solution to the forefront with our technology partnerships. We bring our award-winning NG Firewall and several best-in-class endpoint security solutions together with complete visibility and reporting in our cloud-based centralized management platform, Command Center. Command Center streamlines network administrators' daily tasks and monitoring efforts, which were previously done using multiple portals, with increased visibility, real-time analysis, alerts, and scalability across the network and endpoints.
Untangle continues to address security gaps that businesses need to fill, ensuring all the pieces of the network security puzzle fit together. NG Firewall and endpoint security solutions, all driven by real-time visibility in the cloud with Command Center, give network administrators the tools they need to protect the network both today and tomorrow.
*** This is a Security Bloggers Network syndicated blog from Untangle authored by [email protected]. Read the original post at: https://www.untangle.com/inside-untangle/building-a-network-security-solution-ng-firewall-and-endpoint-security/