Debasish Mukherjee, Vice President, Regional Sales APAC at SonicWall Inc.

A seasoned and accomplished leader with diverse sales, business, and partner leadership experience in the IT industry working with industry leaders like Dell and SonicWall. A passionate cybersecurity sales leader with expertise in the development and scaling up of new business from Ground Zero to new highs. MBA from New Delhi Institute of Management with specialization in marketing and Graduate in Science from Dr. H.S Gour University, Sagar MP. Global & Cross-Cultural Work Experience: Worked at India & GULF, in present assignment managing cross-cultural territories like India, South East Asia, Australia, New Zealand, and China. Vertical Championship: Experience in Govt, PSU, BFSI & Telco vertical sales,. CXO Relationship Management, Large Govt tender & bid management.

 

Today’s business-driven IT initiatives — such as mobility, BYOD, wireless, cloud, and IoT — inadvertently create new vectors for cyberattack. Organizations often do not have deep actionable insight into the behaviors, actions, and traffic generated by new technologies over wired, wireless and mobile networks.

This lack of insight hampers the effectiveness of network security and compliance teams to plan and implement a viable defense. As a result, organizations must take a comprehensive approach to network security analysis across all networking vectors.

Why the need for deeper levels of network security?

Rising security threats

The growing use of cloud and mobile computing, IoT devices, Bring Your Own Device (BYOD) policies — and the rise of shadow IT — have added new levels of risk, complexity, and cost to securing an organization’s data and intellectual property. Organizations of every size must now combat a wide range of increasingly sophisticated threats, including advanced persistent threats (APTs), cybercriminal activity, spam, and malware. At the same time, many are also grappling with tighter budgets and don’t have the resources to easily address this.

The move to Next-generation firewalls (NGFWs)

To combat growing security challenges, more organizations are migrating away from traditional firewalls that focus only on stateful packet inspection (SPI) and access control rules to next-generation firewalls. NGFWs have transformed network security by providing more robust protection against emerging threats. In addition to traditional firewall features, NGFWs feature a tightly integrated intrusion prevention system (IPS), real-time decryption and inspection of TLS/SSL sessions and full control and visualization of application traffic as it crosses the network.

Not all NGFWs are created equal

Modern attacks have become more difficult to identify and employ several complex techniques to avoid detection as they sneak quietly into corporate networks to steal intellectual property. These attacks are often obfuscated using complicated algorithms designed to evade detection by various security solutions. Once the target has been exploited, the attacker attempts to download and install malware onto the compromised system. In many instances, the malware used is a newly evolved variant that traditional antivirus solutions cannot detect. Also, advanced attacks often rely on encryption to hide the malware download or disguise command and control traffic that is sent by the attacker from halfway across the world.

In addition, some organizations rely on NGFWs that compromise network performance for protection, leading to lowered productivity. Others turn off or limit existing security measures in order to keep up with high network performance demands. With today’s new threats and threat vectors, this is an extremely risky practice.

It is clear that a more advanced set of threat detection and prevention capabilities is needed. Ultimately, today’s organizations need an NGFW that can deliver a deeper level of network security without compromising performance — and a total cost of ownership that is maximized for both large enterprises and small businesses.

The security solution:

NGFWs should be able to provide organizations of any size with greater levels of network security without compromising performance.

  • They should be able to scan all traffic regardless of port or protocol including TLS/SSL
  • Should detect anti-evasion techniques
  • Have network-based anti-malware with access to a cloud database that is continually updated
  • Be both easy to manage and affordable

Related Articles