Network Defense

By root

Securing corporate networks has become an increasing complex task, but one in which solution providers are able to access a good opportunity for profit, if they have the right skills and the right solutions portfolio, writes Piers Ford.
Despite the rise of cloud computing and increased corporate interest in outsourced infrastructure and managed services, the enterprise network remains a complex beast to manage– and it is only going to become more so as demand for bandwidth, capacity and real-time access to business tools and applications continues to grow.
Nothing embodies this complexity as much as the challenge of securing the network. In an age of bring your own device (BYOD), holding cyber criminals, viruses and emerging threats at bay is a constant thorn in the side of the network manager. Given that no two networks are the same, the opportunity for the channel to provide customers with solutions that can be tailored to their specific circumstances, and a range of associated consultancy services, is considerable.
According to market analyst Gartner, the global security and services market will be worth $67.2bn by the end of this year – up from $61.8bn in 2012. By 2016 it will breach the $86bn barrier.
“With security being one of the top IT concern areas, the prospect of strong continued growth is assured,” said Ruggero Contu, research director at analyst firm Gartner. “The consistent increases in the complexity and volume of targeted attacks, coupled with the necessity of companies to address regulatory or compliance-related issues continue to support healthy security market growth.”
Quite simply, agreed Florian Malecki, EMEA product and solution marketing director at Dell Software, businesses need 360-degree visibility, 24 hours a day, 365 days a year.
“In addition, network managers need to anticipate the unknown, identify key assets to protect and identify potential weaknesses, empower employees and educate users,” he said. “Security should be a number one priority for any network manager.”
But in a market full of choice, the range of firewalls, secure remote access tools, anti-virus and email security applications, and centralised management and reporting tools is daunting. Network managers in the Middle East need help in separating actual from potential risks while ensuring the day-to-day security of the data flowing in and out of the organisation.
“Identifying tools that give the confidence to prioritise one risk or vulnerability above another has to be the key to any successful network security strategy,” said Brent Thurrell, executive vice president, EMEA and India, at risk identification tool specialist BeyondTrust.
“That confidence is gained through a clear view of the state of the network security landscape, enabling the team to make rapid, accurate decisions and to take appropriate, necessary action. Identifying the tools that will give that confidence is the greatest challenge facing network security teams today.”
A major complicating factor is the rapid rate at which the cyber threat picture is changing, and the constant arrival of new emerging threats that are unpredictable and increasingly sophisticated.
“Financial services institutions and their online banking customers face a rapidly escalating threat landscape in which malware attacks and data breaches are commonplace,” said SÉbastien Pavie, regional sales director, MEA at data protection solutions vendor SafeNet.
The company is a single-source vendor that protects identities, transactions, data, communications and software licensing through a full spectrum of encryption technologies and licensing management.
“There is also increased concern among IT leaders over the rise in corporate espionage and Advanced Persistent Threats (APTs) that originate from unauthorised local network access,” said Pavie.
“Another trending threat is the blended cyber-attacks, where hackers use an array of different malware and techniques to gain access to multiple areas of a network.
“With the proliferation of mobile devices and BYOD, we have also witnessed a new type of attack, targeted at smartphones, such as the recent breaches on Android devices. Also, social media hacktivism is gaining ground, with highly visible corporate profiles being hacked, especially in the government, mass media and publications sectors, as well as identity thefts from individual users of various social media platforms.”
Network security, then, is not a market for resellers to dabble in. The days of commoditised anti-virus packages and a general reliance on password protection are starting to recede into a more innocent past. Corporate clients and SMEs need specialist suppliers who fully understand the daily challenge of securing the network and can provide the latest tools and expertise to deliver appropriate solutions.
“Essentially, the security channel is largely specialised as it requires dedicated technical resources, experience and qualifications that are critical for the success of any complex implementation,” said Khalid Abu Baker, managing director, Kaspersky Lab Middle East.
“Having said that, the channel has evolved fast and broadband distributors are bundling their offerings with dedicated security solutions to offer customers a one-stop-shop, comprehensive solutions covering everything from system and hardware to networking complete with an over-arching security solution.
“This is especially true for those resellers catering to the needs of the SMEs as well as start-ups. However, it is important to note that even within the broadline distribution companies, security serves as a distinct business unit with dedicated, qualified resources and personnel to offer the right security solution that integrates with the overall solution being offered to the customer.”
Baker said that the most important thing for the channel in the region is to invest in the skills and expertise of its people, to make sure they are qualified to understand the customer’s technology needs and their business requirements.
“Today, a security engineer needs to have a thorough understanding of the customer’s entire infrastructure, from the network to the applications, right down to servers and support hardware, to be able to position the right solutions to ensure maximum efficiency and performance across the entire length and breadth of the organisation,” he added.
“We invest in certified training (Kaspersky Certified Engineers) to create the right resources to be able to successfully undertake and support a complex installation in the region that goes beyond just providing anti-malware or threat protection technologies, to providing multi-layered solutions that cover all aspects of the customer’s infrastructure and associated end points to create a true ‘secure’ environment.”
Specialist security reseller help AG is in the position of selling solutions in this intense and dynamic market. And director of technology services Nicolai Solling said vendors could do more to support the channel in developing its skills set. Help AG is one of the few regional players capable of providing consultancy and implementation services for certifications and standards such as the ISO/IEC 27001 standard.
“It will be extremely difficult for any broadline or generalist reseller to maintain the knowledge required to be experts in security,” he said. “Even within the field of security, there are multiple areas of expertise such as solution design, technology consulting, analysis and strategic information management, as well as the overlooked area of security analysis.
“As a reseller, we would like to see vendors focus much more on technical expertise, quality and customer satisfaction. Too often the emphasis is only on selling the box. This might work in the consumer market but certainly not for enterprise businesses. To a large extent, the growth of Help AG in the Middle East region can be accredited to the simple fact that we have a solution design approach instead of focusing on a specific box. We deliver consultancy to the customer on their requirements and then identify what makes sense, together with them.
“I think vendor programmes should offer benefits that encourage partners to invest in their training, certifications and demo labs. Also, instead of evaluating a partner’s capabilities of how much training or how many certifications they have achieved, vendors need to take into account customer satisfaction so that they hear from the end-user whether the partner is capable of delivering up to expectations.”
Emerging threats to network security
Complexity is the watchword for network security in the Middle East, with cyber threats at the top of the risk league table.
“The GCC region has been specifically under attack in the last few years,” said Hani Nofal, director of Intelligent Network Solutions at GBM.  “According to our recent Cyber Security study, 67% of polled IT professionals think that the Middle East region is a prime target for cyber-attacks.
“These are far more complex, coordinated and targeted than previous attacks, which were mostly unstructured and simple. Organisations realise the changing dynamics of the threat landscape and are looking at identifying all vulnerabilities across their firm to protect systems on an end-to-end basis.”
Nofal said there has been a surge in zero-day attacks, which take advantage of chinks in network security on the same day that they become generally known. They are almost impossible to defend against using signature-based technologies that haven’t caught up with them.
“To combat the threat of zero day and other various risks, companies are moving towards behaviour based technologies rather than only signature based ones,” he added. “More intelligence and security analytics are needed to pre-empt attacks and permit pro-activeness. Security Incident and Event Monitoring (SIEM) solutions contribute to this and simplify security operations.
“‘Sandboxing’ on-premises or on-the-cloud solutions detect and prevent zero day malware from entering networks. Database activity monitoring tools are being considered by most organisations wary of critical data being lost or leaked to unauthorised people.
“Some of the most prevalent risks are related to BYOD security challenges and mobile malware is increasing exponentially, adding a new dimension to maintaining security. Mobile device management and identity management (L3 to L7) will continue to gain importance due to changing business needs and compliance management.
“Organisations need to increase user knowledge and implement customised and documented processes to provide a holistic defence as technology alone cannot protect them.”
Find your inner consultant
The channel has a key role to play in helping organisations to build and maintain network security strategies that are not set in stone, but are adaptable to technology trends and emerging threats.
“Consultancy is one of our core competencies and is a major contributor to our revenues and success,” said Nicolai Solling, director of technology services at systems integrator Help AG Middle East.
“We regularly assist customers across the region, updating their network security policies. This is because policies need to be regularly revised or else they become inefficient since new threats continuously cropping up and evolving. New business needs often result in the development and deployment of new applications. Since these types of applications require a new level of visibility we are often called in to deliver technical controls to mitigate the risks in such applications.
“As part of our ISO27000x and ADISC projects there is always a component of user-awareness training, since this supports the success of any Information Security Management implementation in an organisation – these trainings are always very popular, as they tie together what the information security department is doing and how it is impacting the users.”
The degree to which corporate network managers could still benefit from education and consultancy in the region was revealed by a recent survey conducted by GBM: 62% of polled organisations allowed users to connect to their corporate network but fewer than 20% had adopted security measures to protect themselves from associated threats.
“There are still many companies in the region who rely on basic security infrastructures and have few processes or policies implemented as best practices,” said Hani Nofal, director of Intelligent Network Solutions at GBM.
“BYOD policies are also being widely implemented across the region, according to our regional survey, which included more than 900 organisations in the Gulf region. Yet, implementation of strong security policies, and a general awareness of the small ways in which security can be breached by anyone in the company, at any level, is still lacking.
“The study also revealed that a third of the IT professionals polled owned up to three devices, and one-in-ten owned five or more personal devices, such as smartphones and tablets.
“With these kinds of figures, security becomes an even more complex issue for organisations and every individual has to be aware of the ways in which they keep their company’s data safe and secure at all levels.”

Upcoming event

Black Hat MEA 2024

  • KSA
  • Riyadh