Old-time marathon winner and runner Bill Rodgers once made the comment that, “Every race is totally different.” And if this is true in the relatively predictable world of marathon running, it is even more accurate in the race against cyberterrorism, where – whether we like it or not – each day brings with it unforeseen challenges that threaten the integrity of the network.

The question is how best to approach network protection successfully despite the ongoing development of unexpected threats. The truth is that throughout 2016, we’ve had more than ample opportunity to consider this question. From the involvement of hackers in the U.S. elections to the IoT DDoS attacks of October 21, last year saw some shocking stories of breaches. With all of that behind us, 2017 is not a moment too early to take stock, explore the options – and perhaps, go back to the basics and adopt some old-new security strategies that provide greater visibility, improved resilience, increased automation, and better security.

An Unfortunate Side of “Things”

The distributed infrastructures of today’s networks make businesses more vulnerable to attacks, with IoT and BYOD adding a huge degree of complexity. The threat is simply greater – so much so that, according to Gartner (as quoted on TechCrunch here), the security market is predicted to grow to the whopping size of $120 billion by 2020.
As pointed out in the eBook, The Top 5 Misconception of IoT Network and Device Security, IoT devices represent the weakest link of today’s corporate network. To make matters worse, because most users are unaware of the threat, most devices are not even set up securely. (to learn more, read the eBook preview here.)

Because Seeing is Believing

Part of why IoT and BYOD have changed the situation so drastically is that new devices (both managed and unmanaged) are constantly being connected. Any device connected to the network can potentially function as a gateway into your infrastructure.

It has become all too common for there to be a “disconnect” between the number of devices the average IT administrator thinks is attached to the network, and how many devices are actually there. Shockingly, it is not unusual for the disparity to be as high as 20-30 percent.

In approaching the protection of any network, visibility is key – because you cannot protect what you cannot see.

An Innovative Approach to Today’s Security Challenges

A Next-Gen network visibility and access control management solution such as Portnox CLEAR continues to provide ongoing and comprehensive protection against hackers. With Portnox CLEAR, an organization can be hermetically covered, and IT and CISOs regain the visibility and continuous risk assessment they need.
Portnox CLEAR gives you 100% visibility of all devices, including managed and unmanaged devices. With this comes greater control and security, and the ability to develop new strategies – particularly, segmentation of IoT devices, so that they only access a limited part of the network.

The Need for Speed

Portnox CLEAR handles the complexity of today’s networks through Continuous Risk Analysis (CRA), which provides more flexibility than the approach of a one-time “grant or deny.” CRA is built to provide protection in a reality that involves a broad range of devices as well as “anytime, anywhere” connectivity.
CRA is a response to the need to act fast in the geo-distributed mobile workforce of BYOD and IoT. Replacing the old tactic of periodically scanning, CRA provides a real-time approach to network admission control that allows you to continually assess endpoint risks to the network.

Putting It All in Context

Portnox CLEAR also offers an unprecedented degree of context awareness, monitoring changes in hundreds of parameters and correlating multiple context attributes. This provides an adaptive and more analytic approach to risk determination, and facilitates the development of security assessments that are much more comprehensive – taking into account considerations such as time, network location, user identity, and scenario.
Context awareness is particularly significant to today’s cybersecurity because it facilitates the discovery of anomalies – both as relate to device behavior, and as relate to the status of the network.

100% Visibility and Real-Time Access Control

Portnox CLEAR offers ongoing network visibility and access management control so that you can keep your network safe, with real-time risk assessment that mitigates the cybersecurity threats.
As a cloud-based endpoint security management solution with context-aware security assessment capabilities, Portnox CLEAR is up to the challenge of optimally protecting the security of your network.

All Hail, SASE!

SASE, pronounced “sassy”, stands for Secure Access Service Edge. It is a cloud-based network security model and category, proposed by Gartner in 2019. This model includes the network security solutions in a global and cloud-native service that allows IT teams to easily connect and secure all of their organization’s networks and users in an agile, cost-effective, and scalable way. This is especially useful in the currently globally dispersed digital enterprise.

According to Gartner’s analysis, SASE can be characterized as an identity-driven, cloud-native, globally distributed technology that supports and impacts all enterprise edges and IT domains. For example, this would include a branch office in LA along with the main HQ in London, while traveling/mobile team members can connect on the go.

SASE addresses the numerous problems with traditional network security methods, many of which are rooted in the idea that network security architectures should be placed at the center of connectivity in the HQ or data center, where typically branch locations are more vulnerable to attack.

The Fundamentals of Secure Access Service Edge

According to Gartner, cloud-centric digital business, users, devices, and the networked capabilities they require secure access to are everywhere, and what security and risk professionals in a digital enterprise needs is a worldwide fabric/mesh of network and network security capabilities that can be applied when and where to connect entities to the networked capabilities they need access to.

Implementing a SASE architecture would benefit enterprises by providing:

• Lower costs and complexity – Network Security as a Service should come from a single vendor. Consolidating vendors and technology stacks should reduce cost and complexity.
• Agility – Enable new digital business scenarios (apps, services, APIs), and data shareable to partners and contractors with less risk exposure.
• Better performance/latency – latency-optimized routing.
• Ease of use/transparency – Fewer agents per device; less agent and app bloat; consistent applicate experience anywhere, any device. Less operational overhead by updating for new threats and policies without new HW or SW; quicker adoption of new capabilities.
• Enable ZTNA – Network access based on identity of user, device, application – not IP address or physical location for seamless protection on and off the network; end-to-end encryption. Extended to endpoint with public Wi-Fi protection by tunneling to the nearest Point of Presence (POP).
• More effective network and network security staff – Shift to strategic projects like mapping business, regulatory, and application access requirements to SASE capabilities.
• Centralized policy with local enforcement – Cloud-based centralized management with distributed enforcement and decision making.

SASE & Network Access Control

In essence, SASE converges the functions of network and security solutions into a single, unified cloud service. This marks an architectural transformation within the realm of enterprise networking and security, and it means that IT teams can now deliver a holistic and flexible service to their businesses.

The logical next step in the evolution of network security is for organizations to be able to leverage a NAC solution that’s delivered as a cloud service. This eliminates the need for costly on-site appliances and on-going maintenance. Now, all that’s needed to control network access at branches and the headquarters alike, is an internet connection.

New Jersey-based Schuman Cheese has a long, storied history of delivering world-class cheese products to the U.S. market. Operating across several facilities in New Jersey, Illinois, Wisconsin and California, the company maintains a workforce of more than 400, with revenues topping $500 million annually.

A Deep Dive with Portnox CORE

About four years ago, Schuman Cheese went out in search of a network access control (NAC) solution to help the company manage network access across its many wired ports. Lead by IT Infrastructure Administrator, Andrew Sayegh, Schuman Cheese came across Portnox CORE while conducting research online, and determined the platform was worth pursuing. “We initially had a demo, then did a proof of concept, which was very easy to get up and running,” Sayegh went on to say. “We found that the visibility that Portnox CORE gave us for each port in use across the company was unparalleled. We really loved the platform off the bat.”

We found that the visibility that Portnox CORE gave us for each port in use across the company was unparalleled. We really loved the platform off the bat. – Andrew Sayegh, IT Infrastructure Administrator @ Schuman Cheese

Assessing NAC Alternatives like Cisco ISE

Simultaneously, Sayegh and his team were investigating Cisco’s Identity Services Engine (ISE), a legacy onpremise NAC solution. “I had previous experience with ISE, but I still needed another engineer to help me configure and implement it. Had I done it alone, it would’ve taken me a full week or more to complete,” said Sayegh.

After some time using with ISE and comparing it to Portnox CORE, Sayegh and his team felt the choice was obvious. “If ISE ever went down, we wouldn’t know how to fix it on fly. We’d have to find a temporary solution to allow people to reconnect to WiFi and wired ports. It was just always a struggle, especially with over 200 people connecting to our wireless network everyday.”

Closing the WiFi Security Gap Where ISE Fell Short

More recently, years after selecting to deploy Portnox CORE across the company’s wired network, Sayegh and the Schuman Cheese IT security team set their sites on trying to rectify lingering access control issues related to ISE across its wireless network.

“We conducted a test of Portnox CLEAR – your cloud NAC service – for access control across our WiFi environment. It took literally ten minutes to set up with the help of Portnox’s support engineer,” Sayegh continued. “It was just so easy to use out of the gate.”

The Pandemic & Cloud Adoption

“Since we’re a food manufacturer, we still needed to have people in our facilities and warehouses on site during the pandemic. These folks would need to be able to connect to WiFi primarily,” said Sayegh. “The implementation of Portnox CLEAR for WiFi gave us much needed access control that was flexible and easy to enforce during this period of uncertainty.”

Despite the challenges posed by the pandemic, Sayegh and his team continued a campaign of cloud adoption when it came to new security tools – of which Portnox CLEAR fit in well. “We are making a real push to adopt cloud-based tools – that was a major factor in us bringing in CLEAR to support our access control policies across WiFi alongside CORE for wired,” Sayegh stated.

The hybrid use of CORE (on-premise) with CLEAR (cloud-delivered) for network access control has been exceptionally effective for Schuman Cheese, especially now as employees return to the office post-pandemic and increased wired network usage surges alongside continued WiFi reliance. Sayegh concluded: “It’s been very easy to work across both NAC solutions to enforce our network access control policies and keep the network secure.

Originally posted on People and Computers

“The combination of changing work patterns due to the coronavirus, with the increasing migration to cloud environments, creates a new and significant challenge for corporate information security managers,” said Ofer Amitai, one of the founders and CEO of Portnox, explaining how it can be answered at the identification stage.

“One day, a food supplier from abroad called me. One of the company’s employees, who was fired, connected to the organization’s operating systems, changed the temperature of the meat refrigerators and caused damage and loss of goods worth millions of dollars. That’s how they understood that more vital identification is needed on the network and contacted us, “Ofer Amitai, one of the founders and CEO of Portnox, told People and Computers.

“The coming period will be characterized by hybrid work. This format makes remote work an integral part of all workers’ activities, and those who have not yet dealt with a remote work method will do so today or tomorrow. It will enable regular work alongside the protection of the organization and its resources. The combination of changing work patterns due to the coronavirus, with the growing migration to cloud environments, creates a new and significant challenge for corporate information security managers, and is a winning combination for hackers,” continued Amitai.

What is the main challenge for information security managers?

“Above all the challenges facing the information security manager, there is a major challenge, and that is that he must understand who and what threats he is facing,” Amitai noted. “One of the most difficult challenges for the organization is the migration to the cloud – how the systems and data will be kept secure in this new environment on the one hand, and that all systems will work on the other. Israel is slightly behind cloud adoption compared to the US market. It will be like the main headquarters so that one day everything will be connected to the cloud, and the services will be consumed from it, without the need to join the offices to the branch. ”

He added that “when setting up secure access control to the corporate network, make sure that application-level privileges are managed – whether via remote connection (VPN) or user management (VDI), which allows remote, virtual access to the desktop. Connection security must also be ensured via MFA – multi-step authentication of the user. Then the end station must be handled, including personal devices that employees bring from home. The goal is to maintain a consistent level of information security, regardless of the identity of the end device.”

A significant promise – but also risky

Portnox was established in 2007 to help organizations protect their corporate networks through the use of technology that allows them to see all devices connected to the network and to perform preventative and corrective actions that defend it from risk-prone devices. “This is a technology that makes life easier for information security managers in their day-to-day work,” Amitai explained.

“When someone accesses the network – via a remote, local connection or cable – Portnox knows how to make a strong identification of the device and the user. We do not manage the end component, but its risks,” said Amitai. “Our product in the cloud, Portnox CLEAR, enables organizations to protect the enterprise network via the cloud. The solution complements the security layer for VPN and VDI solutions. Through continuous risk monitoring capabilities on end stations and devices, information security principles are maintained and enforced – regardless of physical location. The end station, whether inside or outside the organization, and owned by it, or whether it belongs to the company or the employee, thus, all stations become secure and authenticated devices, which comply with the organizational security policy – all through enforcement, by the policy definition The organization, which changes according to its needs. ”

In conclusion, Amitai stated that “all the trends in the market bring with them a great promise – but also risks. They expose organizations to more hacks into their network, which makes them look for security solutions like ours – smart, easy to manage, and those who make sure the corporate network is secure. We have a wide range of enterprise and SMB clients who come from many sectors, including the medical, banking, and high-tech sectors. In the past year, we have experienced a 30% increase in revenue, and I estimate that the growth trend, which continues this year, will continue in 2022.”