In December, McAfee Labs reported that in addition to cloud-based and social media threats, the rapidly growing mobile platform will “draw the lion's share of threat innovation.” According to Arbor Networks, there was a 350 percent growth in the number of distributed denial-of-service (DDoS) attacks monitored at over 20Gb/sec in the first three quarters of 2013.
Underscoring this very real threat, CloudFlare reported that its network had been hit by a 400Gbps NTP amplification DDoS attack, the largest attack to date using NTP amplification. The company stated that it has seen this method of attack grow dramatically over the past six months, posing a significant new threat to the web.
As these examples illustrate, network security continues to be a growing problem in the IT industry. The very trends that have revolutionized users' access to data are the same ones that are leaving networks vulnerable to attacks by cyber criminals. No single security product can fully defend against all network intrusions, but a smart combination of existing products can provide a more flexible solution. IT administrators must examine all avenues to ensure that network monitoring and security appliances are working at full capacity to monitor, detect and halt potential attacks.
Cloud computing, Big Data analysis and mobility are three recent trends in the IT industry that, while improving the efficiency and effectiveness of digital services, have also generated significant threats to network security. Cloud computing centralizes data and makes it accessible anytime, anywhere. Unfortunately, it also provides cyber criminals with fewer, and more valuable, targets. Big Data analysis offers a sophisticated overview of complex information; however, such a wealth of sensitive information in a centralized location provides an irresistible target for miscreants. Mobility allows convenience; it permits users to access data on the network from a variety of devices. But it has become painfully clear to enterprises around the world that mobility also severely compromises network security.
With increasing data availability, cyber attacks are becoming more common every year. As evidenced by the CloudFlare event, cyber criminals are becoming smarter, devising new methods to penetrate defenses and often using several different kinds of attacks in combination.
To successfully defend against these attacks, a holistic view is required, one that provides administrators with a complete overview of the security solutions running on the network. Today, it has become necessary to monitor how the network is behaving to ensure that no attacks have penetrated the security solutions in place. To do this successfully, these solutions must be capable of monitoring and reacting in real time.
Most networks already have monitoring appliances in place, such as a firewall, an intrusion detection or prevention system (IDS/IPS) or data loss prevention (DLP) application. Some products that consolidate these methods into one appliance include universal threat management (UTM) and next-generation firewalls, but single point solutions can only ever address one part of the problem at a time.