Communications connectivity

Enhancements in the network infrastructure that connect devices within or across the network make all these developments possible. We’re seeing ever faster network connections, more remote users and extensive upgrades to mobile networks. We need to think about security policies and where and how to provide protection.

Below are some of the eight trends we think will impact network security and your security strategy:

Mobile networks, VPNs and roaming users: Today’s connect-from-anywhere road warriors regularly test the traditional boundaries of network security. Firewalls are increasingly porous as employees access services from devices such as iPads, Android phones, tablets and PCs, all of which require security that mirrors but also improves upon PC solutions. Extending connectivity to small branch or home offices is also a focus for many organizations. Your network strategy needs to consider how to secure access across platforms over an expanding network perimeter.

Targeted attacks and APTs: APTs (or advanced persistent threats) represent the next generation of Internet crimeware. For years network security capabilities such as web filtering or IPS played a key part in identifying such attacks (mostly after the initial compromise). As attackers grow bolder and employ more evasive techniques, network security must integrate with other security services to detect attacks. We’ll need to evolve security capabilities in response to these threats in the coming years.

Consumerization and BYOD: Consumerization and the BYOD (bring your own device) movement means consumer devices including iPads, iPhones and Android phones are moving onto the corporate network. To deal with consumerization, your security strategy needs to focus on network security for devices where an endpoint agent may not have been deployed, or may not be functioning properly. 

For example, if a user connects with a Mac running malicious code, your network security layer should be able to identify that the device is attempting to retrieve malicious code updates or other suspicious activities and be able to identify and remediate it. Otherwise, you may not find out until you’re already infected and remediation can only happen after the fact. Consumerization and BYOD increase the importance of alignment between your various security layers, particularly those at the network layer.

Web application and web server protection: The threat of attacks on web applications to extract data or to distribute malicious code persists. Cybercriminals distribute their malicious code via legitimate web servers they’ve compromised. But data-stealing attacks, many of which get the attention of media, are also a big threat. Organizations used to focus their security investment on PCs and preventing conventional malware from spreading to them and onto the network. Now, you need a greater emphasis on protecting web servers and web applications. Similar challenges lie ahead for emerging technologies such as HTML5 (see our article, "HTML5 and Security on the New Web," for more information on this trend).

Visit “Eight Trends Changing Network Security” for the complete list.

James Lyne is Director of Technology Strategy at Sophos. Monthly guest blogs such as this one are part of The VAR Guy’s annual platinum sponsorship. Read all of Sophos‘ guest blogs here.