Secure Thy Network

By Team Digit | Published on 01 May 2005
Secure Thy Network
Are small firms more susceptible to security attacks? All organisations, irrespective of their size, are exposed to the same set of malware (any form of malicious software such as viruses and Trojans). However, SMBs who  do not invest as much in IT, and have mostly one-man security teams, may be easy targets for  security attacks as compared to bigger enterprises.

Fetish For Security
Not all agree, though. Chennai-based DAX Networks takes security very, very seriously. A 17-year-old organisation, DAX Networks specialises in delivering networking solutions (with pre- and post-sales support on projects) to SMEs and  enterprise-level organisations   throughout the country.

With over 150 users accessing their internal network on a daily basis, DAX has installed a Firewall-cum-VPN security solution offered by WatchGuard, a global security vendor. "We create customised networking solutions for several Indian companies, although some of the core technologies are sourced from the US," says R Rajan, Head-IT Processes, DAX Networks.

WatchGaurd's Firebox
DAX purchased WatchGuard's Firewall plus VPN security solution, as it "fit the requirements of our network," according to Rajan. WatchGaurd's Firebox solution was customised by DAX Networks. He adds, "We first discussed our needs thoroughly, with the WatchGuard reseller in Chennai. This kind of expenditure requires   long-term planning."

Ajit Pillai, country manager, WatchGuard, says, "The customised Firebox solution by DAX scans the perimeter of their network." The firewall protects the SMTP, FTP and HTTP servers from unwanted traffic. The Firebox series includes Firebox X, Firebox X Edge, and Firebox SOHO.

WatchGuard also offers unified threat management solutions including signature-based intrusion detection systems (IDS), and a 'State of Network' test, which is bundled free with its Firebox. WatchGaurd's dynamic 'Live security service' provides regular updates and virus alerts, identifies vulnerabilities, spyware, and intrusions. Pillai elaborates, "Product updates, anti-spam and anti-virus tools can be enabled by installing software keys, thereby eliminating inventory issues."

Remote Servers And Data Transfer
"Our critical resources are accessed by about 35 users-they access Web sites, use FTP clients (two users), CRM applications (25 users), and access mail and domain servers as well. All functionalities are mapped and external users are authenticated at every stage," says Rajan.

Audits aside, employee awareness programmes can go a long way in ensuring that a network stays secure and active

Firebox has helped protect the company's critical resources. "With an edge-based firewall (one that protects the perimeter of the network) most vulnerabilities can be exposed. But we also use digital certificates for our transactions," adds Rajan. Digital certificates are often used for online transactions to validate one's credentials, and are used by companies operating in the e-commerce or monetary transactions space.

End User Involvement
In order to engage end-users in the security framework, WatchGuard's resellers conduct training sessions, and also help update the particular company's security resources.

WatchGuard coordinates various security audits and network maintenance programmes in alliance with vendors and resellers in different cities in the nation. "While some companies may want complete audits while others may require only updates-the requirements vary depending on the size of the network, VPN tunnel speed and throughput among other factors," says Pillai.
Security Alert: SHA-1 cracked? 
In February this year, Slashdot ( published (unconfirmed) reports of the SHA-1 algorithm being cracked by a team of three Chinese researchers. The Secure Hash Algorithm (SHA) is a secure encryption algorithm used in security applications for online banking systems, in the creation of digital signatures for secure document transfer, hashing and the like.
Time now, perhaps, to shift to the next lot of SHA variants-SHA-224, SHA-256, SHA-384, and SHA-512-cumulatively called as SHA-2.

Rajan agrees that end user involvement is essential. He explains, "We use a Virtual Private Network (VPN) so that our Customer Relationship Management (CRM) server can be accessed by our sales team across India. Users access a remote server from their machines (with an SQL backend) and use PPTP (point-to-point tunnelling protocol) to access the server. However, firewall authentication is required at each and every stage."

Rope In The Employees
Active employee participation is critical for any secure network. After all, a network is as vulnerable as it's weakest link; the link, which  most virus writers and spambots exploit-   the end user. Audits aside, employee awareness programmes can go a long way in ensuring that a network stays secure and active.

Security And The SMB 
Most networks are vulnerable to intrusions and virus attacks. With virus writers getting incredibly creative, and spawning by the dozen, a robust network is one that can react immediately to an attack and bounce back to normalcy, ASAP. A few tips to keep your SMB's internal network secure:

Educating Your Employees
End users are extremely vulnerable nodes in any network. Enforcing protocols, like not opening suspicious attachments, updating virus definitions regularly, using 'safe' sites for e-commerce transactions, not responding to spam, and perhaps subscribing to security updates/newsletters from a trusted vendor would help prevent many attacks. Also, employees should report virus attacks immediately, and download relevant patches. Setting complex passwords for accounts, and using encryption keys for transfer of confidential documents is equally imperative.

Access To Key Network Resources
Access to key network resources should be restricted to one or two people (preferably the CTO and the System Administrator) and all security breaches should be reported to the concerned authority.

Software Updates
It goes without saying that pirated software is a no-no. Regular updates of existing software will safegaurd your PC safe from newer, malignant malware.

Security Audits
Regular security audits-internal or external-are a must for any firm. With a slew of viruses and Trojans hitting the Interent on a daily basis, audits will let the administrative department know, how vulnerable a system is, to attacks. Again, the SysAdmin needs to involve users in security exercises.

As Pillai affirms, "The SMB segment in India is growing at a 30 to 40 per cent rate every year. Their employees are net-savvy and communicate with a global clientele. Moreover, the US and the UK-based companies are demanding rigorous security norms before awarding contracts to Indian firms."

Prevention Is Better Than Cure
SMBs such as DAX Networks, which may or may not flaunt a full-fledged 'IT team', are certainly reinforcing the 'better safe than sorry' norm. It is by investing time and resources in security solutions as well as enforcing stringent security procedures that SMBs can try and achieve minimum 'downtime' even when crippled by a severe violation of their security system.

"Security vendors have begun to realise that the 'one size fits all' paradigm doesn't hold true in the SMB space. Customised solutions coupled with personal attention, and assisting  SMBs to promote prudent network usage works best," avers Pillai.

Team Digit

All of us are better than one of us.

email Protection Status