Using the internet as a backbone for business communications


By Steve Barnett, MD of Checkpoint Technologies (UK) Ltd

An Internet connection is rapidly becoming an essential for today's companies and organisations. The advantages and commercial benefits are well known and recognised across all business sectors. Companies of all sizes are seeking a pro-active presence on the web and most now rely on email for quick and efficient business communications. The advent of e-commerce will only deepen the impact the Internet is having on our rapidly changing business world. The one thing that remains amidst all the change is the natural concern about security. An Internet connection opens up corporate networks to the world and there are people out there who want to see what you have and potentially they can reek havoc with systems, private data and critical records.

Fortunately the development of Internet and Network security technology has mirrored the growth of the Internet. A thriving business sector on its own, Network security has become big business with many of the world's leading software developers playing an active part and generating some of the most significant technological innovations of recent times. For example, for every new virus there is an appropriate software update available to download from web sites to counteract the threat.

Customer confidence in the Internet is building, as the growth in e-commerce transactions and the deployment of critical VPNs testifies. Whilst the threats remain and are real the solutions employed are effective and are helping build consumer confidence. Looking at each of the security concerns in turn allows us to identify the solutions on offer.

  1. Lock the doors to the inter-connected world. Connecting your network to the public Internet really opens the doors to the interconnected world. Your network has to be protected from hackers, malicious attack and other unauthorised access. Firewalls, perimeter security and intrusion detection systems, backed up by automatic responses with detailed logging and alerting procedures are the heart of any enterprise security system. A firewall is essential to network security if unauthorised access is to be denied.

  2. Know who your users are. Connections into and out of your network need to be strictly controlled. Allowing access through the firewall to known personnel is required if business communication is to effectively use the Internet. The management of these connections forms a major part of the enterprise security policy. The key security issue is authentication, knowing who your users really are. Software and hardware solutions are deployed to authenticate both machines and users. Repeated checks are made during sessions to ensure that only authorised users can have access to your data and systems.

  3. Don't tell them anything. Using the public internet as a backbone for business communications, browsing the Internet, emailing, establishing Intranets or Extranets all expose the data to threat. It is only by encrypting these connections that the data contents can be guaranteed to be kept secret. Encryption technology has developed to stay ahead of the technologies used to crack the codes. The strongest levels of encryption now render the task of cracking it almost impossible and certainly never at speeds to match the transmission of the data. Because allowed encryption standards vary around the world and not all data requires the highest levels of encryption the solutions on offer allow extensive management of the data traffic to set encryption standards between any pair of connections. With encryption you can be sure you only tell the people you want to, you don't tell anybody else anything.

  4. Control content in and out. A connected enterprise transmits and receives a lot of data. Not all the data will be appropriate, some may well be dangerous or illegal It is essential that any security policy builds in the ability to protect the corporate network from malicious and pernicious virus attack. Equally important is the ability to restrict your users who use valuable bandwidth to view and download pornographic material etc. Virus protection software and content screening systems have developed to high levels of sophistication and offer peace of mind for the secure enterprise.

  5. Direct traffic and drivers. A corporate level Internet connection generates a lot of extra network traffic. The volume rises alarmingly as applications are developed to enable business to be carried out between remote sites and mobile workforces. Though bandwidth charges are falling and backbone cabling being extended the demands on available bandwidth do need to be managed. Software solutions are available to mange the traffic flows, assigning priority at various levels to data and applications. In this way business critical applications get the necessary priority. Your users and their machines also need to be managed. Internet connections are based on IP addressing, there are a lot of problems managing this environment especially mobile and remote users. The tools now available allow user-to-address mapping from a central point and for that mapping to be become integrated into the enterprise security policy. A well managed system minimises the risk of security breaches and control of users and their IP addresses ensures that rogue users are excluded.

  6. Extend the network. Virtual Private Networks (VPNs) exploit the potential of an Internet connection to the highest level for business. A well established VPN will significantly cut business communication charges and improve communication and business potential. As the number of VPNs grows and the use of them by companies large and small becomes more significant then the security requirements also develop. A VPN is an extension of the corporate network and demands pro-active security. All the security concerns discussed above apply to VPNs, the perimeter is larger, the traffic and users more sensitive and data transmission levels more critical.

  7. Keeping up to date and keeping it going. Network security technology is developing at a fast rate, meeting new challenges and threats and improving performance and usability. Network security systems, like many others are difficult to improve piece meal. It is difficult to keep up with technological improvements and often very difficult to ensure inter-operability and integration of new components without jeopardising security.

  8. Making it happen A corporate Internet connection, whether email and browsing or business critical and sensitive multi site VPN, requires careful security management. A well run system is less likely to be breached. The basis of all good security systems is a well defined security policy. The tools and solutions discussed here all offer centralised management and distributed enforcement. The ability to run and manage the security of a complex and far reaching network from a single console is very valuable. These systems also offer full auditing and reporting to aid network management. Connected networks are growing and will continue to do so, whatever security systems are put in place they must not restrict growth or threaten integrity in allowing it.

Establishing network security is a complex business. The Internet will boost your business, present opportunities and make your communications more efficient but you should be totally secure. Consultant programmes are offered by most major vendors to suggest accredited companies that can advise, implement and commission systems for you. Security of enterprise networks is readily achievable. Software solutions are available that meet all the issues raised.

http://www.checkpoint.com/

 


© Copyright Townsend & Taphouse, 1999, 2000. All rights reserved.