Every Solution You Can Imagine – and More
What cybersecurity solution do you need? From Zero Trust to ADR, IAM, risk/privacy, data protection, AppSec and threat, securing digital transformation, to resiliency and remediation, we can build the right program to help solve your challenges.
A Single Partner for Everything You Need
Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv
Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner.
However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Assessing the Needs for Today’s Modern Security Gateways
In this guide, Lloyd Tanaka of Check Point Software offers a series of tips to help assess requisite capabilities for today’s modern security gateways, which are hugely important for managing your new post-COVID threat landscape…
Thanks to the global pandemic organizations are adjusting to a new reality. The abrupt shift of entire workforces to home offices has also altered the threat landscape, offering distinct new challenges for IT Security teams. Opportunistic threat actors have intensified their efforts to exploit the upheaval to target your vulnerabilities.
The U.S. Department of Health and Human Services (HHS), the overseer of the Centers for Disease Control and Prevention (CDC), is being attacked daily. The European Union has condemned attacks on critical systems needed to fight the coronavirus. And Check Point Research has determined that over 51,000 coronavirus-related domains have been registered since January 2020, with nearly 10 percent deemed malicious or suspicious.
Securing already rapidly-disappearing network perimeters is a key concern. How do you protect an entire remote workforce where ransomware operators have identified a practical target – your network devices like gateway and virtual private network (VPN) appliances? How can you hunt down these ransomware attackers and identify compromised assets?
These latest threats may have you reconsidering your current security solution. You’ve identified some gaps in your security, but how do you choose the vendor that best fits your needs? Where do you start?
Preventing today’s targeted zero-day attacks requires new cyber strategies, such as the inclusion of an end-to-end, consolidated cybersecurity architecture. It requires the bolstering of your cyber first line of defense – your network security gateways.
Here are six important questions (and our tips) you should ask when assessing your network security gateways:
Do your security gateways match your peak use? Retailers, for example, can often experience traffic spikes with active seasonal shopping. A security solution offering hyperscalability (the ability to scale on demand) with your gateways can more effectively meet the needs of your organization.
How do you calculate your need? Consider the number of users, internet connection size and traffic mix, then conduct proof of concept (PoC) testing. In this assessment, you need to verify that you can safely enable new security features as well as HTTPS inspection.
Choose between copper or fiber cables and decide how many ports and at what speed (1/10/25/40/100 Gb) you require. How will Wi-Fi be used? You’ll also need to understand how many appliances you’ll need and where to deploy them – on premises, in branch office locations, in cloud or hybrid cloud configurations. With a remote office, you’ll need to know if SD-WAN is supported in order to optimize connections across different circuits and to different sites such as branch to branch, branch to data center and branch to cloud. Choose a vendor with a solution that meets your networking requirements.
Your risk assessments will dictate whether you require high availability (HA) appliance hardware such as power supplies, disks, fail-open NICs or a cluster of two or more appliances. You need to assess the level of support that will be required. Is five days a week enough or do you need seven-day premium support? Additionally, will you need to apply special service level agreements (SLAs)?
Your assessment of risk will indicate your vulnerability to exploits. Choose a vendor with a solid track record of delivering secure product and responding to vulnerabilities who can offer you a complimentary security checkup to cyber proof your organization.
Most organizations connect to other systems (such as an enterprise SIEM for log analysis or an Active Directory server for identity purposes). Integrations might also include a change management platform or a monitoring system. If you’re a larger organization that’s codifying operational processes, choose a vendor with APIs that support automation and orchestration platforms like Ansible or Terraform.
Consider how security administrators perform. What are their learning curves when handling new platforms and systems? Do they require special certifications? Choose a vendor with a unified security management platform that offers an intuitive, easy-to-use interface and multi-tasking capabilities. This will help your security administrators become more productive as they can work in parallel.
How many hours of labor will be required to manage daily/weekly changes to security policy?
Management-as-a-Service can get systems up and running within minutes, instead of taking time to specify an on-premises system and installing the software or acquiring the appliance from a vendor.
New security capabilities are being incorporated into security gateways. Do you require an intrusion prevention system (IPS)? What about sandboxing technology?
Has your security been tested, and if so, what is the effectiveness score and the rate of false positives? Is there an impact on users when enabling security features?
Do your gateways support remote access with strong, multi-factor authentication, and from multiple devices, including Windows, Apple, iOS, and Android? Do they automatically update the protections? Choose a solution that meets all of your requirements and that has advanced security such as sandboxing technology that has been vetted in independent third-party tests.
When acquiring or updating your network security gateways, cost is a consideration.
Choose a solution with the best security, the lowest Total Cost of Ownership and easy, zero-touch deployment capabilities to save time when deploying new systems.
Choosing the right security product depends on understanding the technological functions that will protect your organization from the latest threats. Now that you know what’s on the market and which tools can provide unyielding and robust digital defense, you can make the best cybersecurity decisions possible for your organization.
To explore the next generation of network security gateways, click here. For more CISO-level perspectives, visit cybertalk.org.
May 28, 2020
Recent research from Gartner and others indicates the COVID Work From Home spike is here to stay.
June 11, 2020
A how to guide using Gitlab, Hashicorp Terraform Cloud, AWS EKS and Palo Alto Networks Prisma Cloud to build and secure a Kubernetes cluster.
April 24, 2018
Serverless architecture enables applications to be developed and deployed without management of the underlying host or operating system. Instead of a....
Let us know what you need, and we will have an Optiv professional contact you shortly.