Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Palo Alto reports highlights poor application control

Palo Alto Networks : 29 April, 2009  (Technical Article)
Legacy security systems failing to control current applications according to industry study performed by Palo Alto Networks
Palo Alto Networks has announced that results of an industry study reveal that legacy security products are not controlling users' applications of choice within the enterprise, despite more than $6B spent annually on these products.

These are results of the company's third Application Usage and Risk Report, a semi-annual analysis of application usage on enterprise networks. Unlike other industry reports that are based on behavioural surveys, Palo Alto Networks' usage report looks at which applications are in use, identifies emerging trends, and discusses the associated business risks or benefits. Made available today, this edition of the report summarises traffic assessments of nearly 900,000 users across more than 60 large organisations that span markets including financial services, manufacturing, healthcare, government, retail and education.

Despite the fact that every organisation in the study was equipped with a legacy firewall and 87 percent had one or more additional controls such as a proxy, an IPS or URL filtering, the sample was unable to have visibility into, nor control of, application traffic. Examples from the report include:

* An average of six peer-to-peer (P2P) file sharing applications were found in 92 percent of the sample networks - with some organisations having as many as 17 variants. Common examples included Xunlei, BitTorrent and GnuNet.

* Browser-based file sharing was found in 76 percent of the organisations, with an average of five variants. The most common examples were YouSendIt!, MegaUpload and MediaSpace.

* In nearly every organisation, applications that enable users to bypass security controls (public proxies, encrypted tunnels, remote desktop control) were found.

Today's applications are built for accessibility using standard features that enable them to automatically slip through security controls. The analysis shows that more than half of the nearly 500 unique applications found enable accessibility by hopping ports or using port 80 or 443 (typically open to enable web browsing or SSL traffic).

In addition to the business and security risks that the lack of visibility over these applications poses, applications also consume an organisation's bandwidth at a significant rate. From the report, more than half of the bandwidth was being consumed by 28 percent of the applications, most of which were consumer oriented.

"The findings in this report are significant, especially when you consider these tough economic times and the money organisations are spending on security products which are not working," said Lane Bess, President and CEO of Palo Alto Networks. "It's clear that applications and threats have evolved and legacy firewall technology has not kept up. Administrators need a security infrastructure that does more than look at ports and protocols to provide the visibility and control necessary to fully protect their networks."
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo