With the whole world now fighting against the coronavirus pandemic, the resilience of our national computing infrastructure will be tested in ways never before experienced. In just a matter of days, we have seen many countries close their borders while companies and institutions have mandated that millions of people work from home. Likewise, schools and college campuses have been emptied of their students and a great experiment in massive online education has begun.
For cyber warriors, the most obvious question is whether and how our systems infrastructure will hold up under the massive strain that service providers will experience as we work remotely for what may well be an extended time period.
With many countries struggling to control this sprawling pandemic, organizations will need to focus as much attention as ever, and even more, to maintaining their cyber defenses. Our question is there not only “how well will the Internet hold up,” but also “how safe and secure will our enterprise systems be”?
The answer lies in how well we succeed in securing the network edge. No matter what, where, and when, we need to control all connected devices and conduct compliance checks in real-time. We’d now like to present the most practical way to increase network visibility, including remote locations, and protect all remote workers from cyber threats to ensure systems availability is maintained throughout the difficult period ahead.
get visibility from the Core to the Edge
Visibility is one of the basic building blocks of any Cybersecurity Plan and a critical part of the foundation of Cybersecurity itself. While visibility may be taken for granted in corporate Headquarters and even Branch locations of an Enterprise network, visibility of remote devices connecting to the network is no less important.
Network Security professionals need to incorporate remote/telecommute visibility into their mandate. Genian NAC provides Device Platform Intelligence for all IP-enabled devices connecting to the network. The information provided by DPI is above and beyond typical device fingerprinting and provides an unmatched level of context and granularity. This level of Visibility is required to ensure devices connecting to the network (locally or remotely) are not only an authorized device type, but do not introduce risks such as End-of-Life or Common Vulnerabilities and Exposures (CVE). Only with this level of information can the most applicable and targeted Access Control policies be implemented.
The best practice to secure remote workers at the Edge
Once the Visibility problem has been addressed, Access Control must be implemented. With the “What” out of the way, the “Who” must be coupled with that data to make policy decisions.
Methods may vary but processing accounting logs (such as RADIUS accounting) or polling VPN ingress points (Firewalls, Concentrators, Servers) for connection and identity information should be incorporated. Genian NAC is deployed with a built-in RADIUS server capable of RADIUS Authentication, AD/LDAP or Local Authentication and Authorization features (AAA). The identity of users connecting to the network can be used to map to specific security policies ensuring only the required level of access is assigned. This ensures a member of the Finance department does not have the same access as an IT Admin regardless of where they are connecting from.
How to sustain security and compliance at the Edge
Last but certainly not least when it comes to security is to ensure that even an authorized device, being used by an authorized user and being assigned the proper permissions meets an organization’s minimum security posture or compliance requirements. The optional Genian NAC Agent can be deployed to ensure that not only basic requirements are met (Windows Updates, OS Patches, etc) but can also be used to mandate or prohibit specific applications or even implement hardware policies such as prohibiting USB devices.
When users are connected to the network remotely, the same security policies that are in place on the corporate network need to be adhered to. This is just as important to the SMB/SME world as it is to the largest Enterprise networks.
Again, getting crystal clear visibility is the key to secure from the Core to the Edge. Based upon that, you can leverage various enforcement methods with/without Agent to maintain the highest level of security and compliance.
Brett is a Cisco CCNP and has over 25 years of experience in networking. During the last 15 years he has specialized as an SME in Designing and Deploying Network Access Control solutions. Prior to focusing on NAC, Brett served as a Cryptologic Technician in the U.S. Navy as well as providing network consulting services such as Enterprise-scale WAN projects for financial institutions and data center BGP connectivity to Service Providers.