Is a company safe once it has a firewall? Is the enterprise network architecture secure today? What are the problems with the current enterprise network security infrastructure? A new generation of dedicated security proxy appliances will become an important part of the enterprise network security architecture, and an effective solution to the problems described below.
With the rapid development of the Internet, more and more enterprises conduct business over the network. Many even feel that without the network their business cannot operate normally, so the importance of network security is evident. As a result, enterprises spend heavily on network security, buying firewalls, email antivirus systems or desktop antivirus systems to stop the spread of viruses and hacker attacks. Many enterprises, and even system integrators, believe that a network protected this way is secure.
But the existing enterprise network security infrastructure is flawed and cannot defend against new viruses and attacks. Viruses and attacks no longer spread only through e-mail. They hide in complex application-layer data and travel through web browsing, webmail systems, chat software and peer-to-peer file sharing applications, and the enterprise's existing security facilities cannot control these channels. IT managers now have to re-examine the enterprise's network security system.
The enterprise network faces new problems
The current enterprise network faces the following problems. If they are not handled well, they directly reduce enterprise productivity, and the ultimate loss is the enterprise's profit.
Web abuse lowers enterprise productivity
The extensive use of the web has greatly helped businesses improve productivity and obtain information at an unprecedented rate. But the Internet is a mix of every kind of content: news, shopping, sports, pornography and so on. With a single click, a user may be taken to a site unrelated to work. This inevitably lowers staff efficiency and therefore enterprise productivity. In serious cases it may also bring a virus into the company intranet, or allow an attacker to implant a back door, with disastrous consequences. Filtering inappropriate content, forcibly removing malicious code and viruses, and managing, monitoring and supervising employees so that they use the Internet correctly are therefore urgent tasks for improving enterprise profit.
Security of chat tools
The chat tools discussed here are real-time messaging tools such as MSN Messenger, which were originally made for chatting between friends. Such tools have now become the main means of information exchange in some enterprises. However, authoritative studies have found that these chat systems were designed with a focus on flexibility, without regard to security. The obvious fact is that almost all free chat tools are able to bypass firewalls, and firewalls cannot block them. Moreover, information exchanged between chat users travels over the public network and is forwarded by the chat server, so it is clearly visible on the network, which can easily lead to the theft of confidential corporate information. As mentioned earlier, chat tools have also become a way to spread viruses on a large scale. Yet the efficiency and convenience of online chat tools mean they are rapidly being accepted by more and more people, so simply blocking them is not appropriate. The key is to adopt an effective chat control policy and supervision.
Security issues of peer-to-peer file sharing applications
Peer-to-peer file sharing, known as BT downloading in China, is an Internet file sharing application that has become popular rapidly in recent years. In this application, each user is both a client and a server: everyone can download the data they need from other users and share the data they have downloaded with other users who need it. As a result, this application removes the server bottleneck of the traditional download method; the more people are downloading, the faster the download speed. The files shared peer-to-peer are usually copyrighted music, movies, commercial software and so on. There is no reason for this application to exist in a corporate network: it not only has a serious impact on network availability, it can also be a way to spread viruses, and the copyright problems associated with the shared files may bring potential legal liability to the enterprise. It is therefore necessary to block and control it in every respect.
Solving the problems with proxy services
Why can't firewalls solve these problems effectively? Because the main function of a firewall is to block attacks from outside. Most firewalls used by enterprises are packet filters or, somewhat more advanced, stateful-inspection firewalls. Their main function is to filter packets according to rules set by the administrator and keep attackers outside the network. They are helpless against most intrusions that result from internal users accessing external resources.
Firewalls are not effective at application-layer inspection. The new problems faced by the enterprise network share a common characteristic: they require control and management at the application layer. Today's firewalls, however, work at the network layer. Some firewalls implement application-layer processing for a few protocols, but their hardware and operating systems are designed for packet filtering and state checking, with dedicated chips for fast matching of IP addresses and port numbers. If a firewall is required to reassemble network-layer packets, extract the application-layer data and then perform complex pattern matching, it cannot achieve satisfactory performance. In fact, most firewalls in use today inspect only at the network layer, and few users turn on the application-layer inspection function, mainly because of performance problems.
The best way to inspect the application layer is to use a new generation of dedicated security proxy appliances. A proxy appliance proxies users' access requests. Because all user traffic must pass through it, the appliance can enforce fine-grained access policy based on user, network protocol, time and other factors, and it notifies users of policy violations by inserting a page. It also provides complete access logs, virus scanning logs, chat logs and so on, and produces reports from statistical analysis of them, so that problems are discovered early and the control policy can be further refined.
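The difference between the two inspection points described above, shown as an added example that is not part of the original article: a port-based packet filter and an application-layer proxy policy evaluate the same constructed requests. The host names, user groups, categories and working hours are hypothetical assumptions.

```python
import html
from dataclasses import dataclass
from datetime import time

# Constructed policy data; every name and value here is hypothetical.
CATEGORY = {"shop.example": "shopping", "news.example": "news",
            "tracker.example": "p2p", "partner.example": "business"}
WORK_START, WORK_END = time(9, 0), time(18, 0)
ALWAYS_BLOCKED = {"p2p"}
BLOCKED_IN_WORK_HOURS = {"shopping", "news"}
GROUP_EXEMPTIONS = {"marketing": {"news"}}  # group -> categories it may use

@dataclass
class Request:
    user: str
    group: str
    dst_port: int
    host: str   # host name as the proxy sees it (Host header or CONNECT target)
    at: time

def packet_filter(req):
    """Network-layer rule: outbound web ports are allowed, nothing else is seen."""
    return "allow" if req.dst_port in (80, 443) else "deny"

def proxy_policy(req, log):
    """Application-layer rule: decide on user group, site category and time."""
    cat = CATEGORY.get(req.host, "uncategorized")
    exempt = cat in GROUP_EXEMPTIONS.get(req.group, set())
    working = WORK_START <= req.at < WORK_END
    blocked = cat in ALWAYS_BLOCKED or (
        working and cat in BLOCKED_IN_WORK_HOURS and not exempt)
    verdict = "block" if blocked else "allow"
    log.append((req.at.isoformat(), req.user, req.host, cat, verdict))
    return verdict

def block_page(req):
    """Notice page inserted in place of the blocked response (host is escaped)."""
    return ("<html><body>Access to %s is blocked by policy.</body></html>"
            % html.escape(req.host))

SAMPLE = [  # constructed requests
    Request("alice", "engineering", 80, "shop.example", time(10, 30)),
    Request("alice", "engineering", 80, "shop.example", time(19, 0)),
    Request("bob", "marketing", 443, "news.example", time(11, 0)),
    Request("carol", "engineering", 80, "tracker.example", time(20, 0)),
]

def run():
    log = []
    return [(packet_filter(r), proxy_policy(r, log)) for r in SAMPLE], log
```

Every sample request passes the packet filter because it uses a web port, while the proxy policy blocks two of them and records all four in its access log.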
Dedicated security proxy appliances are an important complement to the existing network security architecture, but they are not a substitute for firewalls. The new network security concept is to use the firewall to block attackers' direct intrusion from outside, focusing on network-layer filtering, and to use the security proxy appliance to manage and control internal users' external access, focusing on application-layer content inspection. The two complement each other to form a comprehensive and highly effective security defense framework, redefining the outlook for enterprise network security.