Lora O'Haver
Senior Solutions Marketing Manager
Blog

Network Security Survey Finds Areas for Improvement in 2017

December 22, 2016 by Lora O'Haver

As a company focused on improving network security, we recently partnered with Enterprise Management Associates to conduct a survey on current practices and concerns among security and network professionals. The results were interesting and highlight areas for improvement, that can strengthen overall enterprise security.

14% are not inspecting live network traffic. You might think the frequent publicity on data breaches and cyberattacks would drive every IT department to do more inspection of live network traffic, just to make sure no threat gets overlooked. However, our survey found some companies have not deployed inline security tools and are relying on out-of-band analysis. With this approach, it takes longer to find threats and increases risk. A better solution is to deploy inline security appliances using a bypass switch, to keep traffic flowing, even if the device stops responding. With a bypass switch, you can safely inspect live network traffic and stop attacks faster.

26% of monitoring tools don’t match the speed of the network. Network upgrades are a fact of life in most organizations and costly to complete. When budgets are tight, it can be tempting to cut costs by continuing to use lower speed tools even after a link is upgraded. That might work for a while. But as traffic increases, lower-speed tools can quickly become overloaded and drop packets or simply stop working. A better solution is to reduce the traffic your tools have to process using a network packet broker (NPB). An NPB can pinpoint the right data for each tool and reduce its workload.

45% are not using an external bypass switch. Many security appliances now include an internal bypass to move traffic along if they stop working for some reason. That’s better than no bypass, but not as good as having an external bypass. When the bypass is separate, you can use it to control the path of traffic. That means if you need to patch or upgrade a security appliance, you can do it without impacting traffic flow, or waiting for a network maintenance window. A simple external bypass protects network uptime.

40-50% of security appliances are not receiving filtered traffic. You need your security appliances to be accurate and efficient, but volumes of data packets are coming at them, non-stop. Help them work more efficiently by filtering the traffic they process. Video and voice data is a large component of the flow, but does not need to be inspected. Remove it using a network packet broker. An NPB can also help you chain two security devices together, to let the output of one (like an SSL decrypter) be sent to another, to reduce redundant processing. Reducing workload helps your tools last longer too.

63% of monitoring tools are not optimized. Most experts say tools should operate at 70-75 percent of their capacity, to get maximum value and avoid the risk of overload. Survey respondents report about one-third of their tools are under-utilized and another third are over-utilized. This can be solved by connecting tools to an NPB, which receives traffic from multiple network links and sends to your tools. With an NPB, there is no need to install a tool on every link you want to monitor; tool capacity is shared. When it’s time to add capacity, an NPB lets you load balance the traffic across any number of devices. When overall usage exceeds the target, a new device can be added to the group and traffic is automatically shared between them.

25-50% of staff time is spent researching alerts and configuring security tools. The ability to hire and retain trained security professionals continues to be a top IT concern going into 2017. Companies need to keep their staff focused on high-value projects and automate where they can. One way to reduce the time spent on security alerts is to filter out the known bad IP traffic so your staff doesn’t spend time researching issues that have already been verified by others. Adding a security threat intelligence solution keeps known bad traffic from even entering your network or impacting your staff. 

Now, here’s the good news:

80% of IT budgets were increased for the coming year. We know security is a top concern going into 2017. In fact, 80% of our survey respondents reported their IT budget had been increased for the coming year, with 58% reporting it was increased more than 10%. This could be a good time to propose changes to the foundation of network security—to make sure you have visibility to all your network traffic, to safely deploy security appliances inline, to use network packet brokers to pinpoint and deliver the right data to your tools, and to use technology to offload work from the staff when you can.