F5 Networks, Inc., the Application Delivery Networking company, has announced the results of an F5 Networks 2011 ADC Security Study that measures the effects of increasingly complex network and application attacks on enterprise organisations, and details the security practices that enterprises are adopting to guard against these threats.
The worldwide survey, conducted by independent market research firm Applied Research, found that attacks are becoming more difficult to defend against and are expensive to mitigate, with traditional safeguards falling short. Ninety-two percent of those surveyed view Application Delivery Controllers (ADCs) as an appropriate alternative to traditional security solutions, and the survey found that the utilisation of ADCs for security purposes continues to gain traction.
“Traditional security technologies are struggling to keep pace with the expanding threat landscape; as cyber attacks become more malicious, employees are also becoming more distributed and infrastructures are growing in complexity,” said Christian Hentschel, Vice President for Asia Pacific and Japan at F5. “As such, many enterprises are turning to ADCs to address critical security concerns that traditional safeguards cannot reach,” he said.
Threats Now More Difficult to Defend
With both infrastructure systems and cyber attacks growing in complexity, the study revealed that enterprises find it challenging to defend their networks and applications. The survey found that DNS attacks are the most frequent and difficult to defend against, and have the highest impact on enterprises.
“We’ve had some notable public attacks, both DDoS and scripting issues,” said a director of technology in a recent focus group, referring to the increasing difficulty in defending against attacks. “We’ve changed our entire policy and our infrastructure in the past year because of these things.”
High Costs from Complex Threats
The effects of DNS and encrypted data attacks are wide-sweeping across industries, with the typical cost per organisation for a 12-month period being $682,000, according to the survey. More than 50 percent of enterprises claimed loss of productivity, 43 percent of respondents reported loss of data, and 31 percent reported loss of revenue. Other costs that enterprises incur from attacks include loss of customer trust, regulatory fines, and theft of money or goods.
“We’re looking at the loss of time, productivity, and data…maybe $100,000 a month,” said a project manager participating in the focus group.
Current Solutions Falling Short
According to the survey, traditional safeguards fall short in the face of constantly evolving threats. Of those surveyed, 42 percent had a firewall fail due to network-layer Denial of Service (DoS) traffic load in the past 12 months, with 36 percent failing during an application-level DoS attack. Thirty-eight percent of respondents reported that traditional safeguards perform less than “somewhat well” in understanding traffic context and protecting against complex, blended threats.
“Traditional safeguards are no longer effective,” said a director of technology during the focus group. “For data loss, where we have a more experienced enemy, we’re seeing that we need to be far more advanced.”
Application Delivery Controllers Providing Security
“In the past three or four years, we’ve expanded the use of our ADCs,” said a director of technology during the focus group. “We had two things that were driving it: security concerns and our ability to implement more Web 2.0 applications.”
IT is considering ADCs for security use, with one-third of respondents already using ADCs for security, and virtually all of them discussing it. According to the survey, only 8 percent believe their traditional safeguards are sufficient and there is no need to consider ADCs. In contrast, 92 percent see specific security roles for ADCs, and half of respondents believe that ADCs can replace many or most traditional safeguards.
“With an ADC, at least if you do have an attack on it, you have the flexibility to adapt and shut down that attack vector, and your entire network or application is not compromised,” said a senior systems analyst participating in the focus group. “You can isolate the threat from the rest of the system.”
Recommendations
- Unify the security framework – Organisations should increase communication between security silos to get a full network security profile. Traditional security technologies focus only on a narrow slice of potential attack vectors. When an organisation deploys security in silos—perimeter protection, application layer protection, data protection, etc.—they lose sight of the context of what is occurring within each silo, and how that might affect the others.
- Understand attack context – Many attacks are blended across network, protocol, user, and application. Unifying security across layers L3–L7 in the network stack gives an organisation the ability to better identify, defend, and adapt to these blended threats. It gives organisations an edge over attackers by making it more difficult to exploit a particular vulnerability across many vectors.
- Respond and adapt – Because new exploits and vulnerabilities are introduced constantly, an organisation’s security framework must respond quickly to evolving threats. Companies should seek solutions that can rapidly adapt and even help anticipate potential vulnerabilities.
- Scale to combat attacks – As evidenced by the recent Anonymous and LulzSec attacks, hackers can utilise massive, global, and random attack patterns. Any approach must be able to withstand the sheer size and scope of today’s attacks, and do so cost effectively.
- Build a robust community – Organisations can benefit by leveraging the combined power of a user community to mitigate the growing and changing landscape. A strong community of like-minded individuals can provide shared wisdom and insight, resulting in enhanced visibility, command, and control. With active contributions from a focused community, dynamic threat response and adaptability can be improved for all.