Securing the enterprise network with big data science — from the cloud
Date: Thu, 11/26/2015 - 15:50 Source: By Wedge Networks
Forget simply defending the network perimeter. There is no perimeter. Mobility, cloud IT and hosted applications have nearly dissolved the boundaries that once defined the perimeter. Enterprise networks are vulnerable to malicious websites, hostile content, compromised end points, and new vulnerabilities that exploit mobile hotspots, and of course the cloud. Ironically, security solutions based in the cloud also represent the best approach for securing the enterprise network, using tools provided by Internet service providers and secure telecommunications carriers.
Frank Wiener, Vice President Marketing, Wedge Networks, at GEN15 Event, Dallas, Texas
For years, enterprises have assumed full responsibility for their data security, at considerable expense: deploying hardware appliances like firewalls, software solutions like intrusion detection/prevention systems, management platforms and more. A lot of time, a lot of expense, all to try to stay one step ahead of the bad guys. All the while, evolving threats and new mobility and cloud vulnerabilities have generally rendered those premises-based approaches insufficient.
What about carriers? Their traditional role is to provision connections and move packets between Point A and Point B. The competitive differentiators of carriers were factors such as bandwidth, latency, geographic reach, ease of creating new services, uptime, redundancy, service level agreements, and of course price. Thanks to evolving technologies like Software Defined Networking (SDN) and Network Functions Virtualization (NFV), carriers and ISPs are now able to offer their customers Security-as-a-Service – and this is a game changer, especially with the type of innovations offered by pure-play cloud-based security players like Calgary, Alberta-based Wedge Networks.
Wedge has become well known for its Cloud Network Defense platform, which is a massively scalable security software system that runs within a carrier’s network. As a software solution designed to run in the new service provider data center architecture, it can be deployed with minimal upfront costs and scaled up as the carrier adds new security customers. Installed on typical data center servers, it allows ISPs or carriers operating as Managed Security Service Providers (MSSPs) to enforce enterprise-grade Security-as-a-Service for individual enterprises according to their subscribed security services agreement. Because it runs in cloud environments using SDN and NFV, the software dynamically scales to process high volumes of network traffic without slowing it down.
The security technologies in Cloud Network Defense are state-of-the-art, including Wedge’s deep inspection engines to detect and block malicious attacks and data exfiltration from L3 to L7 and content; an identity-based policy engine that selectively applies security services that meet the subscription level; an intuitive single-pane-of-glass user interface for enterprise customers; and support for all current and evolving virtualization platforms, such as OpenStack and KVM. That’s only the start, however.
The newest twist in Cloud Network Defense is a data science based service called WedgeIQ. This Big Data functionality employs a set of unique threat detection and remediation algorithms and a variety of pattern-matching and machine learning techniques to identify targeted cyber threats against individual enterprises. It enables real-time response to security outbreaks, and presents the results as easy to understand analytics to the enterprise customers to help them appreciate the security services in action.
Consider this real-world security intervention with a service provider running Cloud Network Defense with WedgeIQ: Phonoscope Lightwave of Houston deployed the Wedge Cloud Network Defense platform and was using it in a detect-only mode to monitor the broadband traffic of one of their customers, a school in Texas. The intent was to gather threat intelligence data that would be shared with the customer, along with information about a new Security-as-a-Service offering under consideration. Ironically, during the monitoring period, the customer experienced a massive network attack, resulting in a customer network outage. Phonoscope Lightwave immediately used the threat intelligence data gathered by WedgeIQ analytics and threat learning techniques to help the customer rapidly detect, isolate and resolve the problem.
In this example, the Wedge system was in detect-only mode, but the detection of the threat illustrated that the entire attack and network outage could have been detected and blocked if the Security-as-a-Service offering had already been in place.
Because WedgeIQ is based in the cloud, security is becoming democratized. In the past, very large enterprises – think Fortune 500 – could afford world class, multi-layered defense systems. Small and mid-size businesses, not so much: They only had the security and countermeasure capabilities commensurate with their IT staff’s capabilities, and of course, their ability to buy and manage expensive on-premises solutions. This not only left their data systems, customer data and intellectual property vulnerable, but placed them at a competitive disadvantage compared to better-funded corporations.
That is changing: As carriers across the globe adopt SDN and NFV, and add Security-as-a-Service solutions like Cloud Network Defense, small and mid-size businesses can receive the same security technologies as their larger counterparts – and only pay for what they use.
The enterprise network perimeter no longer exists. Remote employees, field offices, mobile users and cloud computing have rendered premises-based security systems insufficient. The only way to effectively protect the small, medium or enterprise-sized network is to filter traffic as it traverses the network. As more carriers adopt SDN and NFV, Software-as-a-Service is becoming the new model for effective network defense. Multitenant solutions like Wedge Networks’ Cloud Network Defense, augmented by data science with WedgeIQ, are at the leading edge of protecting the modern business.