Aruba’s Security Sales Specialist Richard Leadbetter discusses the need to look at the wide open spaces of your network.
Growing up in the UK we were taught two memorable lessons: how to cross the road, and don’t talk to strangers. Both are taught for obvious safety reasons, but one was flawed and continues to impact us in unexpected ways. Yes, as you can probably guess, “Stranger Danger” wasn’t really fully thought through – it turned out the bad guys weren’t just unknown outsiders, they were also potentially people on the inside we knew all along. Still – let’s not let other possibilities get in the way of a simple solution – let’s build a wall and keep those bad guys out!
A similar scenario is being played out in network security. The traditional Perimeter Security function is dead: firewalls cannot keep the bad guys out any more. Attackers are either finding cracks in the wall, or bringing their own ladders and climbing on in with compromised devices, stolen credentials, or an employment contract. Reports suggest that up to 90% of security budgets are still spent on perimeter defences, yet amazingly only 24% of attacks ever attempt to breach the firewall. Of course this isn’t surprising when you think about it – do you go through the wall, or try to walk around or over it?
The trouble is that whilst we’re still focused on the wall, we’re not paying enough attention to what’s happening inside. Once inside it’s all too easy to cause huge damage – even just by accident! Control on the inside of networks is still minimal, with full authorisation being the default option in many cases. We half solved this problem with our wireless networks – luckily here the fear of the outside world played in our favour, the thought of outsiders connecting to our wireless networks from the car parking area proving too much to bear. Even here, though, we tend to rely on authentication of users but then give carte blanche authorisation afterwards. This situation is far worse when it comes to the wire though – the number of times I’ve simply disconnected a conference phone in a board room to get network access due to lack of guest WiFi has long since ceased to be funny.
The wide open spaces on the inside of the network need to be looked at: we need to keep the “blast radius” as small as possible to minimise breach impact. The wired network is the new worry, but we also need to add to what we’re doing on wireless. We need to be moving towards something approximating a “Zero Trust” networking model where every user (including IT) and every device (both endpoint and infrastructure) is authenticated, AND authorised, AND accounted for. The access policies for these must be dynamic and based on as wide-ranging a context as possible.
Aruba ClearPass combats threats to your ongoing network security, whether wired or wireless, by ensuring that all connected devices are visible at all times. With Aruba ClearPass, you are able to identify not only exactly which devices are in use, but also how many are connected to your network, where they’re connecting from, and which operating systems are supported. It then allows you to control network access for those devices and respond when a potential situation arises.
Author: Richard Leadbetter, Security Sales Specialist, EMEA, Aruba Networks