News of the recent large scale security breach at networking company Juniper is just the latest example of why corporations should actively increase their cyber defense. While the FBI is currently investigating the back door hack that potentially compromised 3 years worth of highly classified data, the take away here should be that all companies looking to protect data and customer information should implement a multi-layered defense system for their networks.
Solarflare is the leader in secure network solutions, by proactively approaching security from multiple points of possible infiltration. Particularly for financial institutions or other industries with highly sensitive information, maintaining uninterrupted performance across applications while ensuring the earliest possible detection of breaches is essential. Here’s a three step plan to keep your network safe, secure, and speedy:
1. Proactively Protect the Server Perimeter
The network server is the number one target of cyber attacks, because this piece of hardware is where crucial client and institutional data is stored. Defense in depth begins at the perimeter level, much like a moat surrounding a castle from possible intruders.
The core of Solarflare’s DDoS server attack mitigation is SolarSecure– a high performance packet filter engine that enables “bad” traffic to be detected very early in the network stack, so DDoS attacks can be absorbed without the degradation of “good” traffic. The filtering engine allows for individual packets to be inspected, limited or blocked based on their contents.
In the face of DDoS attacks, servers enabled with the SolarSecure were found to be 3 to 4 times more effective at packet filtering than iptables. This is a great way to identify and slow down potential threats before they escalate to a level where real damage is done.
2. Build Layered Defenses
The second phase of protection involves internal network segmentation. Multitenant cloud environments help defend against the spread of threats across the entire network. Partitioning off infected areas, new policies, filters and access control lists can be implemented to protect critical data from unauthenticated users.
Solarflare’s Capture SolarSecure (CSS) enables packet capture deployment on the top of every server rack in the data center, providing enhanced “DVR-like” real time lossless data recording. For financial institutions in particular, CSS provides greater threat mitigation, regulatory compliance requirements, and optimized trade execution management with precise time stamping capabilities. CSS mitigates cybersecurity risk by providing greater visibility into enterprise network, enabling prevention of hostile intrusion and data theft.
3. Close the Gap
Once a company can identify where its vulnerabilities lie, it can proactively mitigate risks to the perimeter and inner layers. Machine learning and optimizing data management and analytics allows companies to build the capability to analyze all the data on their networks. Having this detailed trail of information will be more important than ever before, as security regulations tighten in the face of ongoing large scale security breaches like the one at Jupiter.
SolarFlare’s recent partnership with Velocimetrics provides this kind of forward-thinking analysis, allowing all financial orders and trades to be tracked in real time. This is the kind of customized solution that more companies would do well to implement to bridge the gap between detecting breaches, preventing breaches, and ensuring that there is no exfiltration of sensitive assets from servers.
Companies can use these strategies and Solarflare’s security tools to help mitigate the cost of prevention and reduce the time of detection, creating a cost-effective security strategy. As large enterprises continue to be targeted by evolving hacking methods, a multilayered defense plan at the server level is essential.