Guest

Executive Thought Leadership



Create Self-Defending Networks

Protecting today's anytime, anywhere networks requires automated, security-centric interactions among network elements.

People who use computers can now get consistent access to application services, independent of the underlying networks and access devices they are using. This capability represents a milestone in getting the right information to the right people at the right time.

The free exchange of applications across multiple networks can also open the door to potential abuses if the proper safeguards are not engineered into the network foundation. Protection for today's anytime, anywhere networks requires automated, security-centric interactions among network elements.

And just as timing is a critical component of interactions among people and with information databases, time is essential in securing network resources. Reacting to an intrusion after the fact is often too late to prevent serious damage from today's rapidly propagating viruses and other infections.

Multiple Points of Entry

The traditional fortress model of keeping everyone except authorized employees off the network is breaking down in the face of new business requirements. Now, not only do employees demand ubiquitous network access, but so do business partners, contractors, guests, and others. As a result, access devices are off-net some of the time. This makes them susceptible to public Internet infections, which can put the corporate network at risk when the devices reconnect.

Multiple methods of access used by a diverse user population also mean that there are many more avenues into the network than the single front-door connection point where traditional security systems once confidently—and exclusively—stood guard. So controlling access to a corporate network has become a much more far-reaching and in-depth endeavor.

Securing a blurry network perimeter requires a system of defenses that leverages the ubiquitous sensing and control capabilities of the whole network. Each part must communicate with the others to strengthen protection across the entire infrastructure.

Protection built directly into network elements, which can interact with one another in the context of a policy-based framework transparent to all applications, will form the self-defending network of the future. This adaptive network will respond to security events as they take place rather than later, when an organization may have already suffered damage.

Already, network elements have begun to interact in near-real time to determine whether to grant access to a particular device attempting to connect to the network. The network foundation assesses whether the software on the laptop, desktop, or server requesting access has current antivirus software and operating system patches. This involves an intelligent network infrastructure collaboratively detecting connections and then enforcing actions (grant or deny access, update software, or quarantine device, for example) in compliance with corporate security policies.
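The admission decision described above, as an added illustration that is not Cisco's code: a connecting device reports its posture (antivirus state, signature age, installed patches) and a policy engine returns one of the enforcement actions the column names. Thresholds, patch identifiers, device names and posture reports are all constructed for the example.

```python
"""Added example: posture-based network admission policy (constructed)."""
from dataclasses import dataclass, field
from datetime import date
from typing import List, Optional, Set, Tuple

# Constructed policy thresholds: what "current" means for this example.
MAX_SIGNATURE_AGE_DAYS = 7
REQUIRED_PATCHES = {"KB-A", "KB-B"}   # placeholder patch identifiers
KNOWN_DEVICES = {"lap-1", "lap-2", "lap-3", "lap-4"}  # constructed inventory

@dataclass
class Posture:
    device_id: str
    av_running: bool
    av_signature_date: Optional[date]
    installed_patches: Set[str] = field(default_factory=set)

def decide(p: Posture, today: date) -> Tuple[str, List[str]]:
    """Return (action, remediation_steps) for one connecting device."""
    if p.device_id not in KNOWN_DEVICES:
        return "deny", []                       # unmanaged device: refuse
    if not p.av_running or p.av_signature_date is None:
        # No working antivirus: isolate until an agent is installed.
        return "quarantine", ["install and start antivirus"]
    steps: List[str] = []
    if (today - p.av_signature_date).days > MAX_SIGNATURE_AGE_DAYS:
        steps.append("update antivirus signatures")
    missing = sorted(REQUIRED_PATCHES - p.installed_patches)
    if missing:
        steps.append("install patches: " + ", ".join(missing))
    if not steps:
        return "grant", []
    # Otherwise healthy but out of date: send to a remediation segment
    # where only update servers are reachable, then re-check.
    return "update", steps

def admit_all(postures, today: date):
    """Evaluate every pending connection against the policy."""
    return {p.device_id: decide(p, today) for p in postures}

# Constructed sample posture reports for four connecting devices.
SAMPLE_TODAY = date(2024, 1, 15)
SAMPLE_POSTURES = [
    Posture("lap-1", True, date(2024, 1, 14), {"KB-A", "KB-B"}),
    Posture("lap-2", True, date(2023, 12, 1), {"KB-A", "KB-B"}),
    Posture("lap-3", False, None, {"KB-A", "KB-B"}),
    Posture("lap-4", True, date(2024, 1, 14), {"KB-A"}),
    Posture("guest-9", True, date(2024, 1, 14), {"KB-A", "KB-B"}),
]

if __name__ == "__main__":
    for dev, (action, steps) in admit_all(SAMPLE_POSTURES, SAMPLE_TODAY).items():
        print(dev, action, steps)
```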

A Unified Foundation

A self-defending network has a foundation that integrates traditional networking technologies with security functions. Rather than being contained in separate appliances attached to a network, security functions will be hardwired into the network foundation, becoming inseparable from traditional routing and switching capabilities, to form a high-performance security network.

This foundation will also embody application-layer intelligence. This means that the network will examine not only data, but application-level and message-level information, to ascertain the intent of the applications. This way, the network can more reliably and rapidly identify misuse or threats.

The security functions embedded in the network foundation will use industry standards to communicate efficiently with one another for a coordinated defense. Such unification could lead to important security advances, such as universal digital identifications for applications and devices, regardless of the network in use.

By having a unified communications and security foundation in which security components interact with one another at the right time and adapt to fight intrusions as they occur, networks will continue to work at or near capacity even when invaded by detrimental entities, just as the human body continues to function while fighting a cold.

Jayshree Ullal
Senior Vice President, Data Center, Switching and Services Group
Cisco Systems, Inc.