Study Shows Interior Network Protection Lacking
The study was sponsored by Mirage Networks, a Network Access Control (NAC) provider, and included "194 respondents, representing a variety of IT functions and companies that ranged in size from small businesses with less than 100 endpoints to large enterprises with more than 10,000 endpoints." NAC is an emerging networking security technology, devoted to controlling access to networks by any device (or endpoint). As Mirage Networks is player in the NAC field, it obviously has a vested interest in promoting the potential deficiencies in NAC in today's organizations as well as promoting its own NAC solutions.
| Credit: Mirage Networks|
While the survey results span organizations from the very small to the very large, the largest segment of respondents claimed that their organizations included between 100 and 999 endpoints. The study found, however, that larger-sized networks tended to have higher percentages of both unmanaged and remotely-connected endpoints. Although, curiously, small networks with less than 100 endpoints tended to have the highest percentage of remotely-connected endpoints.
|Credit: Mirage Networks|
The study also queried respondents as to what type of security solutions were deployed on their organizations' networks. Depending on the size of the network, between 96 and 100 percent of respondents used firewall security, and between 93 and 100 percent of respondents used anti-virus security. What we find surprising is that neither anti-virus nor firewall protection were ubiquitous across all networks. For anti-virus protection, networks of sizes at less than 100 endpoints, and between 1,000 and 4,999 endpoints, respondents claimed 93 percent and 98 percentage deployments, respectively. Perhaps even more surprising is that respondents claimed that only networks in the size of 5,000 to 9,000 endpoints had 100 percent deployment of firewalls. Antispyware deployment ranged from 72 percent to 89 percent. Other security solutions were deployed even less often, such as Web filtering and intrusion prevention. NAC deployments varied between 14 percent and 47 percent.
|Credit: Mirage Networks|
The takeaway from this survey that Mirage Networks hopes users see is that NAC is important in order to properly manage a secure network's internal connections. We're staying agnostic on whether NAC is the missing piece of the puzzle for secure networking or not; but we are certainly surprised by the prevalence of significant security deficiencies as outlined in the study's findings. In the realm of keeping organizations' networks secure--interior or otherwise--it looks like IT professionals still have a way to go.