Visions of the ‘wild west’ are often conjured in reporting on the business use of IT today, and the biggest outlaw is typically BYOD. And rightly so – the introduction of multiple operating systems and personal devices into corporate networks can produce maintenance headaches for IT administrators, impact network availability, and intensify security risk for the business by increasing the potential for data leakage and device loss, or the creep of malware, intrusion attacks and other nasties. But the mobile end point is not the only point of vulnerability, as the fallout from corporate (mis)practices such as ‘shadow IT’, where business users access cloud apps outside the IT security corral, and increasingly complex cyber attacks from sophisticated, financially motivated hackers multiply their successes in penetrating the network perimeter rear their ugly heads. The cost of data breach at Target alone was close to a quarter billion (expenses reached $146 million, includes a $90 million insurance offset), a figure that adds some meat to high profile bones that breaches experienced by others such as Sony, eBay, the Home Depot, etc. have picked, and should give cause for Trigger (the famously hyper-aware mount of movie cowboy Roy Rogers) to prick up his ears.
But what is the best way to counter multiple, overlapping threats that now hail from the device, the Internet, cloud apps and repositories, and even the physical world? For Dell, the answer has been development of security products that deliver protection across common IT platforms, and their integration to provide ‘connected security’ that can address current enterprise security pain points.
At the network level, Dell has pursued this strategy through the introduction of next generation firewall technology that can support the need for speed, performance and capacity characteristic of most enterprise data centres today. The most recent addition to its firewall portfolio, the Dell SuperMassive architecture announced this past December is designed to work with Dell high-end networking switches, to provide full DPI solution for networks up to 100 – 200 Gb, scaling through massive parallelism to support millions of simultaneous connections at near-zero latency, with, according to Dell, 97-98 percent security effectiveness. Used in combination with GMS 8.0, Dell’s Global Management System, which consolidates management of security appliances, centralizes policy management and enforcement around things like application traffic priorities, automating workflow around configuration and approval of policy to ensure compliance, and provides real-time event monitoring, analytics, and reporting for audit purposes, next generation firewall technology is applied to the overall security environment in a holistic way, rather than to on a device-by-device basis.
Dell’s expertise in this area stems from its 2012 acquisition of SonicWALL, the security provider that Dmitriy Ayrapetov, director, product management for Dell SonicWALL, called the “800 pound gorilla in the US SMB firewall segment,” and its SuperMassive product line addressing complex requirements in the enterprise space. Since acquisition, Ayrapetov explained, Dell has invested “over a billion in security assets,” including “some internal initiatives to make the products work better together.” Ayrapetov described two levels of integration for Dell firewall and other product areas: services integration where from an organizational perspective, Dell SecureWorks manages SonicWALL firewalls or the Dell Service team is brought in for consulting on enterprise customer deployments and product level integration. ‘Connected security’ operates at this level, where a grid of Dell products for data centre, the network, clients and at the access and identify management layers are increasingly engineered to work together.
According to Ayrapetov, “We don’t want to build a monolithic system; each product needs to be best-of-breed, but at the same time, when a customer buys two products from Dell, they need to work together.” As example, Ayrapetov described the cloud edition of Dell’s data protection and encryption capabilities (purchased with acquisition of Credent), which has been integrated with the SonicWALL firewall’s application control function to enhance protection: “say an end user wants to go to Drop Box. Our firewall can check to see if the user has the encryption client, and if not block the traffic, explaining that corporate policy requires encryption, and offer a link with access to the client.” The beauty of the system is that the user can follow clicks to adhere to encryption policy without having to understand anything about private keys, public keys, which is part of corporate key management by IT admins or about encryption, which is automated by Dell Credent software. Ultimately, the firewall acts as an enforcer to ensure that everyone on the corporate network is using encryption appropriately – enforcing behaviour at the end point level. Sharing of information is also possible, he noted, at the identity and access, remote access and intrusion prevention levels: “when intelligence is correlated from these different systems, you start to see a whole different picture.”
If integration efforts are a work in progress, Jane Wasson, product marketing manager, Dell SonicWALL, was also able to point to ‘connected security’ at play in mobile, email, IAM (Identity and Access Management) and end point protection solutions. For example, in mobile security, which is top of mind in many organizations due to increased risk to corporate security and personal privacy associated with BYOD, Dell is looking to develop end-to-end security capabilities that extend from “on device” (Credent) data protection technologies to the isolation of business and personal data through enterprise mobility management – solutions that deploy a secure container on the device in order to manage access to applications, to VPN technology that uses encryption to secures access to backend resources and data and provides application control to ensure only corporate traffic travels the VPN and that the application signature is safe before granting access to the data centre. But more importantly than a full portfolio of solutions to address current BYOD threats is how these are stitched. As Wasson explained, “it’s not just about picking a few different security technologies that exist in a silo, ideally you want security technologies that have the ability to interact with each other and hand off so that you get the end-to-end security that you need and also a good end user experience.” In this example, the combination of EMM and secure mobile access capabilities enables “on device” data protection: “when this is paired,” she explained, “with a next generation firewall that can identify any malware or APT coming through traffic on the network, you add another layer of protection so that at the packet level to identify any threat that might have snuck through at the first two layers [EMM and SMA].” In terms of specific products, Dell provides secure layer 3 VPN access to a variety of applications, including remote virtual desktop or VoIP, through a combination of the Dell Mobile Connect application that runs on virtually all popular device platforms, and the Secure Remote Access appliance, a gateway appliance that sits at the edge of the network in the data centre and is architected to scale to handle thousands of simultaneous sessions, which together make up Dell’s Secure Mobile Access Solution.
Beyond the layering on of different security technologies at different components of the stack – data encryption and EMM at the device level, VPN technology at the network, and next gen firewalls at the data centre edge – Wasson also outlined the opportunity for more efficient configuration and operation of these various security components when they are deployed together. Though “these elements can stand alone and work within other components because people are not looking to port their entire environment and they want to be able to layer things in… but the combination Dell secure Mobile Access technology and SonicWALL next-gen firewalls is good because it gives you that extra layer of protection.” In addition, Wasson described “hooks” that Dell is now actively introducing into its EMM solution so that when this is deployed in tandem with SonicWALL firewalls, there is integration that will increase over time: for example, the application signature for Secure Mobile Access today comes prepopulated with the application for the EMM Secure Workspace, enabling the user to simply turn on this integration (without running a utility). Going forward, Wasson expects to see in cases where policies are interdependent additional integrations that will allow for auto population between different platforms – and ultimately, the integration of sys log activities and reporting that is relevant to another device.
Beyond the efficiencies that may be gained through the deployment of Dell security products by customers who may have already invested in Dell infrastructure and devices, the layered approach that address potential vulnerabilities at each level of the stack, the kind of integration effort that Ayrapetov and Wasson described also simplifies configuration and deployment to further enhance protection – automation of policy management across different platforms representing as it does a practical the key to actual use and enforcement of the first imperative in corporate security protocol.
For the most part, buyers of the devices that connect users – and threats – to corporate systems and information don’t often stop to evaluate how a new laptop needs to be integrated into a security infrastructure that spans identity management, access control, threat identification and data protection. At the same time, most suppliers of devices, firewalls and the other security technologies focus tightly on a single domain, leaving the critical interfaces between different security layers to users and their IT departments. By leveraging investments in SonicWALL, Credent, SecureWorks, and other technologies into a coherent security ‘blanket’, Dell has created a roadmap for bringing order to the ‘wild west’, and comfort to corporations that don’t want to simply hope that the cavalry will ride in to block the threats that might be lurking behind every twist in the cyber-wilderness.
