Skip to content
  • Don’t Be Lulled to Sleep with a Security Fable. . .

Once upon a time, all you needed was a firewall to call yourself “secure.” But then, things changed. More networks are created every day, every network is visible to the others, and they connect with each other all the time—no matter how far away or how unrelated.

And malicious threats have taken notice . . .

As the Internet got bigger, anonymity got smaller. It’s impossible to go “unnoticed” on the Internet now. Everybody is a target.

Into today’s network landscape, every network is under the threat of attack all the time. In reaction to threats, the network “security perimeter” has expanded in reaction to new attacks, new breeds of hackers, more regions coming online, and emerging regulations.

Security innovation tracks threat innovation by creating more protection—but this comes with more complexity, more maintenance, and more to manage. Security investment rises with expanding requirements. Just a firewall doesn’t nearly cut it anymore.

Next-generation firewalls, IPS/IDS, antivirus software, SIEM, sandboxing, DPI: all of these tools have become part of the security perimeter in an effort to stop traffic from getting in (and out) of your network. And they are overloaded, and overloading your security teams.

In 2014, there were close to 42.8 million cyberattacks (roughly 117,339 attacks each day) in the United States alone. These days, the average North American enterprise fields around 10,000 alerts each day from its security systems—way more than their IT teams can possibly process—a Damballa analysis of traffic found.

Your network’s current attack surface is huge. It is the sum of every access avenue an attacker could use to enter your network (or take data out of your network). Basically, every connection to and/or from anywhere.

There are two types of traffic that hit every network: The traffic worth analyzing for threats, and the traffic not worth analyzing for threats that should be blocked immediately before any security resource is wasted inspecting or following up on it.

Any way to filter out traffic that is either known to be good or known to be bad, and doesn’t need to go through the security system screening, reduces the load on your security staff. With a reduced attack surface, your security resources can focus on a much tighter band of information, and not get distracted by non-threatening (or obviously threatening) noise.

Thanks to Ixia for the article.

Join our Newsletter

Categories

Related Posts

Network Visibility: Security Applications of Network TAPs, Brokers and Bypass Switches

Network Visibility: Security Applications of Network TAPs, Brokers and Bypass Switches

Security starts with awareness, but what happens when critical traffic slips through unnoticed? For security teams and network administrators alike,…
Why Cheap Standalone Clocks Cost You More: The Case for Synchronized & PoE Clocks

Why Cheap Standalone Clocks Cost You More: The Case for Synchronized & PoE Clocks

Accurate and synchronized timekeeping is crucial for maintaining operational efficiency in any organization. While inexpensive standalone clocks might seem appealing…
Profitap Cloud TAP: Unlocking Full Network Visibility in Kubernetes Environments

Profitap Cloud TAP: Unlocking Full Network Visibility in Kubernetes Environments

Achieving comprehensive visibility into network traffic across diverse environments is a critical challenge for IT teams. Profitap‘s Cloud TAP emerges…
AI-Generated Threats - Why your NDR can’t keep up and how to fix it with CySight CEO Rafi Sabel

AI-Generated Threats - Why your NDR can’t keep up and how to fix it with CySight CEO Rafi Sabel

In today’s rapidly evolving cyber threat landscape, the emergence of AI-generated attacks has posed significant challenges to traditional Network Detection…
Supplier Spotlight: Our EU Based Partners

Supplier Spotlight: Our EU Based Partners

At Telnet Networks, we take pride in operating a global partner ecosystem that brings together some of the most forward-thinking…