Jeff Harris
Vice President, Solutions Marketing, Ixia
Blog

Ixia Unveils Its 2017 Security Report

March 15, 2017 by Jeff Harris

 

Ixia 2017 Security ReportThis year, 2017, marks Ixia’s 20th year in business as the most trusted source for testing in the networking sector. Over the course of the last two decades, we have had to stay ahead of some remarkable changes and advances in technology as enterprises embraced the possibilities offered by the Internet. Ixia’s test solutions have been used to validate everything from network switches, routers, and firewalls to entire cellular and Wi-Fi network infrastructures. Yet despite all the changes over the past 20 years, there has been one constant trend: with every year malware and attacks have gone up.  It is all we see in the headlines.  

What has not always been so noticeable are the other shifts that have occurred, namely, that networks are more complex. Data rates increase every year, network reach keeps expanding, and new appliances keep entering the market to analyze and protect it all, each needing to be managed, optimized, and secured. This growing network complexity has become a vulnerability on its own which we explore in our 2017 Security Report.

Ixia has a dedicated Application and Threat Intelligence (ATI) Research Center dedicated to examining the current threat landscape, its characteristics, and the forces and trends driving enterprise networks, both on-premise and in the cloud. We use the data this team produces to make sure our tests simulate the proper volumes and mixes of the latest traffic characteristics and attack types. This data is also used to provide Security Fabric intelligence to our network visibility solutions.  Here are some samples of the report’s findings:

Expanding network attack surfaces

An attack surface is the sum of the different points where an attacker can try to enter or extract data from your environment. Attack surfaces increase with the growth in IT complexity in three dimensions: (1) the number of locations where data resides, (2) network throughput, and (3) IT tool complexity. Every new analytics, compliance, performance monitoring, and yes, even security appliance adds to organizations’ potential attack surface. The Internet of Things (IoT) is making the attack surface even larger as many IoT devices are neither deployed nor managed by IT. Network segmentation is on the rise, which is good practice, but survey data shows that 47% of organizations are leaving nearly half of their network segments unmonitored.

You have heard the expression, the fog of war? Organizations are facing the fog of security. Automation and sophisticated real-time monitoring provide critical insight into the fog – but this means the CISO has to become an expert in many things.

Sharing in the cloud

Cloud usage is also on the rise, which raises its own security issues. Where do cloud providers’ performance and security responsibilities stop, and individual organizations’ begin? Today, the average enterprise is using six different cloud services. By 2020 over 92% of all workloads will be cloud based, but many traditional approaches to visibility are on-premises. With the growth of the shadow cloud, up to 10x more cloud services are likely to be deployed than IT expects. An effective visibility strategy needs to span the various virtual, hybrid, public, and private cloud environments. Read about the Evolving Cloud Attack Surface.  

The CISO Mind Map

A typical enterprise may engage upwards of 15 vendors for various aspects of security, IP protection, user training, and risk assessment. That includes protecting inside their traditional perimeter dealing with private clouds, firewalls, antivirus software, and encryption. The CISO also has to deal with monitoring and securing outside the traditional perimeter including public clouds, SaaS services, smartphones, laptops, and networks of IoT devices. The CISO needs to be an expert in all of them.  We look into the mind of the CISO in the CISO's Challenge.  

Looking ahead

We review the headline attacks of 2016 and cover best practices you can implement to avoid them. We expect to see attacks. We also expect that we have taken the proper precautions both at the high level, and in the details. The details are often where vulnerabilities occur, and our Security Report delves into some of the commonly missed areas of configuration, monitoring, and security.   

Ixia is trusted by all 15 of the world's top network equipment manufactures, 47 of the top 50 service providers, and 77 of the Fortune 100 companies. Whether you are a service provider, enterprise, or government agency, your network reach and impact keeps getting more dynamic and complex. Our 2017 Security Report drills deeper into the topics that impact your business security.