Study Shows Interior Network Protection Lacking

Study Shows Interior Network Protection Lacking

A recent survey of IT professionals reveals that just under half of them (45 percent) were either "not confident or only slightly confident" that they were aware of all the endpoints connecting to their organizations' networks. Perhaps not surprisingly, half of the respondents were also concerned that a security breach on their organizations' networks could jeopardize their employment or that of some of their staff.

The study was sponsored by Mirage Networks, a Network Access Control (NAC) provider, and included "194 respondents, representing a variety of IT functions and companies that ranged in size from small businesses with less than 100 endpoints to large enterprises with more than 10,000 endpoints." NAC is an emerging networking security technology, devoted to controlling access to networks by any device (or endpoint). As Mirage Networks is player in the NAC field, it obviously has a vested interest in promoting the potential deficiencies in NAC in today's organizations as well as promoting its own NAC solutions.

 
 Credit: Mirage Networks
"In today's era of mobility, there is simply no clear perimeter to stop the bad guys from coming in," said Trent Fitz, vice-president of marketing for Mirage Networks. "Organizations across all industries are recognizing the greatest threat to the network is the endpoint that connects to the interior. Once inside, endpoints of all types become conduits for web-based threats and other malware to propagate within the network."

While the survey results span organizations from the very small to the very large, the largest segment of respondents claimed that their organizations included between 100 and 999 endpoints. The study found, however, that larger-sized networks tended to have higher percentages of both unmanaged and remotely-connected endpoints. Although, curiously, small networks with less than 100 endpoints tended to have the highest percentage of remotely-connected endpoints.

 
 Credit: Mirage Networks

The study also queried respondents as to what type of security solutions were deployed on their organizations' networks. Depending on the size of the network, between 96 and 100 percent of respondents used firewall security, and between 93 and 100 percent of respondents used anti-virus security. What we find surprising is that neither anti-virus nor firewall protection were ubiquitous across all networks. For anti-virus protection, networks of sizes at less than 100 endpoints, and between 1,000 and 4,999 endpoints, respondents claimed 93 percent and 98 percentage deployments, respectively. Perhaps even more surprising is that respondents claimed that only networks in the size of 5,000 to 9,000 endpoints had 100 percent deployment of firewalls. Antispyware deployment ranged from 72 percent to 89 percent. Other security solutions were deployed even less often, such as Web filtering and intrusion prevention. NAC deployments varied between 14 percent and 47 percent.

 
  Credit: Mirage Networks
The survey also queried respondents on how important it is to control network access (86 percent said it was important or very important); if they planned to deploy Microsoft Network Access Protection (67 percent have no plans to deploy it); as well as few other questions on identifying security risks. As mentioned earlier, however, perhaps the most alarming information to come out of the survey is how low the overall confidence is among respondents of being aware of all the endpoints connected to their networks. Organizations with larger networks tended to have lower confidence rates--possibly exacerbated by the higher number of unmanaged and remote connections.

The takeaway from this survey that Mirage Networks hopes users see is that NAC is important in order to properly manage a secure network's internal connections. We're staying agnostic on whether NAC is the missing piece of the puzzle for secure networking or not; but we are certainly surprised by the prevalence of significant security deficiencies as outlined in the study's findings. In the realm of keeping organizations' networks secure--interior or otherwise--it looks like IT professionals still have a way to go.
0
+ -

>> "The survey also queried respondents on how important it is to control network access (86 percent said it was important or very important); if they planned to deploy Microsoft Network Access Protection (67 percent have no plans to deploy it)..." <<

Somewhere between 9 and 67 percent of them probably already have Cisco NAC.

0
+ -

I know my security is pretty tight (multiple firewalls and various other tricks) and I still log 2-3 thousand attacks a day. Mind you this is on my home network, I guess its the price I pay for having a 20Mbps connection. I think network intrusions are one of the most feared things for a corporation but at the same time I think Home users a left in the dark about it too much. I guess they just do not want to scare people off the net and lose sales.

Note: I have "fixed" peoples home PC's after them being told by an ISP "you must have your PC fixed before we will turn your net access back on because you are spamming" The user never even notices they are sending out something like 30,000 emails a day.

Login or Register to Comment
Post a Comment
Username:   Password: