Over 45 million credit and debit card numbers were stolen by hackers in the now famous TJX Companies Inc. security breach. And while the thought of this data heist might keep many IT managers up at night, Mauricio Sanchez, chief network security officer at HP’s ProCurve Networking division, says a more adaptive network security strategy will help ensure enterprises stay out of the headlines.
Speaking to a group of customers and partners this week in Toronto, Sanchez outlined a philosophy which stresses an adaptive network at the user, application and organization level. ProActive Defense, as Sanchez called it, is about having access control and network immunity, on top of the user’s security infrastructure hardware.
“I’m not asking people to rip out their existing security investments,” he said. “But rather, extend that and fortify existing security infrastructure. We want to give users the ability to gain a greater insight into what is going on in their networks and help protect their IT investments.”
To address access control, the ProCurve Network Access Controller (NAC) 800 uses a RADIUS-based authentication server to validate the integrity of incoming systems, giving IT managers the power to secure the network from unauthorized users and systems that may pose a threat. “If I come to your house and I knock on your door, do you let me all the way into your master bedroom before you ask me who you are?” Sanchez asked. “So, why is it that we let users go all the way in on our network?”
With the NAC 800, Sanchez said that you can control not only who’s coming on to the network, but also what type of access they get. And being on the cautious side is crucial, he said, because most security risks – intentionally or not – come from within the enterprise.
“The user should only be able to access as much of the network as they need,” Sanchez said. “If they only need access to the Internet, you can restrict their access to the engineering, human resources or the business servers.”
And if a user logs on with potentially troublesome programs such as BitTorrent or Kazaa, Sanchez said, the IT admin has the option to restrict the user’s access.
For network management, Sanchez highlighted ProCurve’s Network Immunity Manager – software which automatically detects and responds to threats and viruses inside the network. The tool is offered as a plug-in to ProCurve Manager Plus, which is a Windows-based platform that allows IT administrators to centrally manage all ProCurve devices.
Rob Whiteley, an analyst at Forrester Research Inc. in Cambridge, Mass., said the Network Immunity application will provide better security visibility, while the controller will add network control such as secure access to guests using a network. He also noted that ProCurve has an “impressive” level of integration of its products into other networking gear.
“We see many vendors today claim to have ‘unified’ security where it’s baked into the network fabric, but without proper management and policy administration, this simply isn’t true,” Whiteley said in an e-mail interview. “ProCurve puts a lot of emphasis on the ease of use and integration on the management consoles to ensure that enforcement is baked into the network hardware and that the policy administration is all centralized in a single pane of glass.”
With files from Matt Hamblen, Computerworld (US online)