Application awareness: using data inspection to create context-sensitive security policies

Table of Contents

  1. Summary
  2. Introduction
  3. Yesterday’s security solutions can’t combat today’s risks
  4. What the modern enterprise network requires (best practices)
  5. Industry reference points
  6. Conclusion
  7. Key takeaways
  8. About Matt D. Sarrel

1. Summary

The modern enterprise presents numerous challenges to IT security leaders, as it requires a diverse array of applications, websites, protocols, and platforms. Mobile devices are changing the fundamental composition of network traffic and introducing new types of malware, while consumerization trends such as BYOD are introducing new devices over which IT has little control.

To organize the chaos, IT must look beyond a network packet’s site, port, or IP address and determine a security posture that relies on the complete context of data usage. A deep, thorough inspection of real-time network data can help provide the content awareness required for the granular management that a flexible, modern enterprise requires.

This report examines the shortcomings of traditional security and management processes exposed by device proliferation, an increasingly mobile workforce, and a movement toward cloud applications. It also demonstrates how a deeper understanding of application data in transit can help IT build more-flexible, business-friendly management procedures that continue to provide security and efficiency without disrupting productivity. The report concludes with best practices for testing application-aware network-security devices to gain a greater understanding of the value they will provide when deployed onto the enterprise network.

Consider the following:

  • Traditional security and access controls are no longer capable of protecting enterprise networks yet continue to serve a purpose within a defense-in-depth strategy.
  • BYOD and other consumerization trends bring new threats to the enterprise that must be addressed by innovating network-security and policy management.
  • IT security leaders must validate and test these new application-aware network-security devices and identity-based policy-management systems.

Thumbnail image courtesy of opera3d/Thinkstock

Full content available to GigaOm Subscribers.

Sign Up For Free