|
|
|
Businesses are increasing their focus on network security. Decision-makers are becoming more aware that not only does the network now extend far beyond traditional boundaries; it also needs continuous protection against new types of attacks. The figures are compelling: in 2002, 80% of respondents surveyed by the FBI reported financial losses from network attacks — whether internal theft of information or damage from an external virus. The total loss reported grew from $100m in 1997 to $455m in 2002. Simply put, the scale and number of security breaches means that Integrated Network Security is now something your network needs if your company is to stay competitive.
| |
 |
FACTORS IN DRIVING TREND
|
 |
 |
|
 |
The number and type of attacks is increasing, and they are becoming more serious, including Website vandalism; Viruses, worms and Trojan horses; denial-of-service attacks; and data destruction and theft.
Four specific attacks are discussed below:
| |
| • | Loss of Privacy (packet sniffing) |
| |
| • | Identity Spoofing |
| |
| • | Data Theft and Destruction |
| |
| • | Bringing Down the Network — Denial of Service (DoS) |
| |
|
|
|
|
Attacks are becoming easier to initiate, given the growing complexity of networks — public Internet access, broadband, wireless, IP communications, e-commerce, supply-chain management and Web marketing. |
|
|
|
The more a business depends on the network to operate, the more serious the consequences of an attack — including loss of confidential information, downtime across the organisation, and damage to reputation. |
|
|
|
Attacks now come from inside, as well as outside.
| |
| • | Firewalls cannot protect against traffic that appears to be legitimate. |
| |
| • | Disgruntled employees and inappropriate levels of internal protection lead to security holes inside the network. |
| |
| • | FBI and CSI found that 60% of attacks are executed from within a company. |
| |
|
|
THE SOLUTION
|
|
Cisco Systems is committed to helping businesses achieve their goals for network security with an integrated, end-to-end approach that eliminates the interoperability issues, security gaps and scalability constraints associated with niche products and multi-vendor approaches.
The Cisco SAFE Blueprint for network security makes it easy for network administrators to plan and implement the right network design for their businesses. Cisco Catalyst Series intelligent Ethernet switches are integral to the SAFE blueprint, connecting users directly to the network, and provide network security at the LAN edge.
Cisco Catalyst switches can be used to deploy security in your network,
in particular the powerful new Catalyst 6500 and its security service modules offer unparalleled security performance. A few security scenarios are highlighted below showing how Catalyst switches can be deployed to manage the threats:
|
|
|
Loss of Privacy:
Data can be protected by encrypting administrative traffic such as passwords and configuration information using SSH, Kerberos and SNMPv3 functionality.
|
|
|
|
Identity Spoofing Solutions:
| |
| • | Private VLAN Edge provides security and isolation between ports on a switch, ensuring that traffic travels directly from its entry point on an access port to the uplink on the switch. |
| |
| • | Cisco Secure Access Control Server (ACS) along with 802.1x on the switch supports strong authentication capabilities (such as certificates and One Time Passwords). |
| |
|
|
|
|
Data Theft Solutions:
| |
| • | Using Cisco Identity-Based Network Services (IBNS) , the network grants privileges based on user login information, regardless of the user's location or device. This allows different people to use the same PC and have different capabilities. |
| |
| • | Cisco Secure User Registration Tool (URT) along with Dynamic VLAN capability on the switch detects unregistered users on the network via the MAC address and/or invalid user ID. |
| |
| • | Port Security can also be used to limit the port to specific user MAC addresses. |
| |
|
|
|
|
Bringing Down the Network
Implement Access Control Lists (ACL) log violations to track disruptions. Use DHCP Interface Tracker to track the location of the user in the network by providing port and switch ID information to a DHCP server, which can match the information to a known MAC & IP address.
|
|
 |
|
