January 24, 2011

The Network Security Architecture (NSA) Meets Web 2.0

The first phase of the Internet was relatively prosaic. Browsers connected to Web sites to view relatively static Web pages and HTML forms--much to their delight. More recently, those calm days of static connections and predictable network utilization have been replaced by a new breed of dynamic, bandwidth-hungry, and increasingly vulnerable Internet applications. What will this transition mean for corporate networks? This paper concludes:

  • New consumer-focused Internet applications impact business networks. Web 2.0 sites like Facebook, Twitter, and YouTube continue to gain popularity inside and outside the corporate network. These sites create new risks for corporate IT assets as they open a new delivery channel for malicious code and push critical business traffic aside by consuming vast amounts of precious bandwidth. Security managers can't stop the music. Users now depend upon these new applications for business benefit, personal communication, and entertainment--it is too late for security managers to advocate blocking this traffic altogether.

  • Today's new Internet applications predict the future. Consumer-focused Web 2.0 applications presage future business uses for resource sharing, file distribution, and collaboration. As such, large organizations that master new Internet application management today will have a head start on future network challenges.

  • Managing new Internet applications isn't easy. Point tools can provide tactical help in small segments of the network, but can't integrate with existing firewalls, IDS/IPS devices, routers, and switches. Given these restrictions, their value is extremely limited.

  • Large organizations need an end-to-end Network Security Architecture (NSA). To protect against threats and manage resource utilization, security must be integrated into the network in an enterprise architecture: the NSA. ESG believes that an NSA will provide the intelligence to help organizations control access to Internet applications, protect against malicious code attacks, and work with L2/L3 devices to prioritize business-centric traffic.

Download Paper
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

1 Comment

Last week we had a couple of announcements in which we focused on the fact that mobile devices (smartphones to pad/tablet computers) are going to be a part of the corporate network, so rather than attempts to limit the use of the devices, the better approach is to make sure that they are integrated appropriately.

The same is true of "Web 2.0" applications. Several years ago, there was a lot of attention paid to trying to disallow certain applications - such as peer-to-peer apps - so that the corporate network would be "protected."

At this point, however, some of those same applications are becoming part of mainstream capabilities. Gmail is a most viable competitor for havign your own servers. Many organizations' marketing strategies are incorporating Facebook. Skype recently announced multi-party video chats targeted at businesses.

Clearly, the best practice is to control the use of these apps rather than trying to swim against the tide.

This paper does a great job of discussing this issue and offering strategies for appropriate use of Web 2.0 apps while maintaining an appropriate security architecture. I highly recommend it.

Search Webtorials

Get E-News and Notices via Email




I accept Webtorials' Terms and Conditions.

Trending Discussions

See more discussions...

Featured Sponsor Microsites



Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Continuing past this point indicates your acceptance of our terms of use as specified at Terms of Use.

Webtorial® is a registered servicemark of Distributed Networking Associates. The Webtorial logo is a servicemark of Distributed Networking Associates. Copyright 1999-2018, Distributed Networking Associates, Inc.