Businesses need to protect their assets when they are within their protective infrastructure AND when they are actively exposed or placed within the unprotected external world. The tools and procedures needed to protect the internal assets are different from the ones that protect the assets when they leave the confines of the secured network.
Walls and defenses
Most sovereign nations have security forces and a military to protect their infrastructure from attack or invasion. A strong and strategic defense against overt and clandestine forces is important to maintain the nation’s independence. Customs and immigration control monitors and identifies the subtle threats while the military forces detect and block the overt attacks against the nation.
These are the equivalent of the firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), and other security technologies that companies deploy to protect their applications and IT infrastructure. They serve a critical, but specific, purpose to detect and defend against external threats that are actively probing and attacking the known business assets.
Protect the asset in the wild
Protecting the infrastructure is good, but there is a threat to businesses that has more harmful potential than the waves of attacks pounding against the IT defenses. When company resources (applications, people, and physical assets) leave the confines of the internal infrastructure, they become vulnerable.
Anytime an application or person generates a request to a resource on the internet, they are exposing themselves to threats and attacks that can bypass the traditional security infrastructure.
The assets become subject to a myriad of threats and attacks that the security solutions that are protecting the core infrastructure no longer detect and block. Attackers can hijack and obtain sensitive information. Other assets can have malicious payloads attached to them. Consider the potential for something to be discreetly attached to a vehicle or inserted into a package in transit.
Another threat is the possibility to compromise the asset through extortion or blackmail. Or, the asset can be turned to become an agent for the malicious forces through more social tactics such as bribery or ethics (or lack thereof).
Q for IT security
Nations do not send their assets and citizens outside their borders without protection. There are embassies, state department advisories, and border inspections when leaving and returning. Sensitive assets may even get added enhancements like tools and escorts to protect them while they are outside the protected confines.
Businesses have an obligation to provide tools to protect their assets from threats on the internet when they are leaving the confines of the protected IT infrastructure. Outbound inspection solutions detect and protect against threats that users and applications are connecting to the internet. Malicious websites, phishing emails, and ransomware are just a few of the popular threats that IT organizations must defend against.
Detect AND protect
These solutions are useful as long as they can inspect and detect the threat. Unfortunately, the internet is going dark and encryption technologies are becoming more prevalent and hiding the information and threats. Outbound SSL decryption solutions are needed to regain the lost visibility for these security inspection solutions.
The application delivery controller (ADC) is poised to be the tool to provide the visibility lost when content on the internet is encrypted. When used with the ADC, the outbound security solutions become the detection and mitigation tool that provides the protection against the threats that users and applications are exposed to when accessing the internet.
Read “Keep It Simple; Make It Scalable: 6 Characteristics of the Futureproof Load Balancer” to learn more.
Frank Yue is Director of Solution Marketing, Application Delivery for Radware. In this role, he is responsible for evangelizing Radware technologies and products before they come to market. He also writes blogs, produces white papers, and speaks at conferences and events related to application networking technologies. Mr. Yue has over 20 years of experience building large-scale networks and working with high performance application technologies including deep packet inspection, network security, and application delivery. Prior to joining Radware, Mr. Yue was at F5 Networks, covering their global service provider messaging. He has a degree in Biology from the University of Pennsylvania.