A common misconception concerning network security is that the enterprise network is at considerable risk from external attackers only. As many security architects know, their networks resemble what is known as "Coconut security": hard on the outside, soft in the inside. All of the protection and security resources are directed towards the perimeter, keeping the bad guy out by disabling access to any of the network using firewalls and network IDP. However, the soft inside is what the attackers are really after and the security solution is ultimately about getting to the crux of it all i.e. knowing the insider threat source for instantaneous action against security breaches.
The well known case of David Lennon launching an e-mail attack on his former employer, Domestic & General Group hogged headlines in IT publications and illustrates it well. Lennon caused chaos for Domestic & General by generating millions of hoax e-mails. The insurance company's router and mail server crashed and the cost was in the tens of thousands of pounds.
In fact the insider threat proliferation is touching newer heights. Often criminal gangs infiltrate a company, entering via unsuspecting users.
Cyberoam Identity Based Security Soluion: Revealing the End User Identity
Addressing insider threats requires a combination of incident prevention, detection and response. Since the user is proving to be the weakest link in the security chain today, linking user identity to security is the solution to ensuring high levels of security and to fight against insider threats.
Linking user identity to security is the key to current security, which Cyberoam delivers. Cyberoam is the only UTM that embeds user identity in firewall rule matching criteria, eliminating IP addresses as intermediate components to identify and control the user. This offers instant visibility and proactive controls over security breaches even in dynamic IP environments. User Identity binds the security features: - Firewall-VPN, Anti-virus, Anti-spam, IDP, Content Filtering - to create a single, consolidated Cyberoam security unit enabling the administrator to change security policies dynamically while accounting for user movement - joiner, leaver, rise in hierarchy and more - through easy to configure policies. Ultimately Cyberoam delivers effective security by instant identification and immediate corrective action.
