Keeping IT under lock and key

Building a business network from the ground up, from choosing the right type of network, shopping for hardware, and getting it all up and running comes with choosing the right network security solution for businesses. The Advisor speaks to a number of industry experts and asks their views on protecting vital office information of small and medium businesses.
Keeping IT under lock and key
By Administrator
Tue 13 May 2008 04:00 AM

Building a business network from the ground up, from choosing the right type of network, shopping for hardware, and getting it all up and running comes with choosing the right network security solution for businesses. The Advisor speaks to a number of industry experts and asks their views on protecting vital office information of small and medium businesses.

The thousands of small and medium businesses crisscrossing the Middle East are no longer small fry when seen as technology spenders.

Threats have been largely classified as external and internal, and of all the threats, internal threats have emerged as the most frequent and damage-causing threats.

According to industry experts, the region's rapidly-rising SMB sector has a strong influence on IT spending and accounts for approximately 98% of the companies in the Middle East region.

With the SMB sector being one of the fastest-growing market segments in the Middle East, many IT companies are offering solutions tailored to the requirements of SMB set-ups, which the vendors reckon will help integrate and manage an SMB's business processes.

"Simplicity is the key," says Ivan Kraemer, general manager for HP Procurve Networking Division."

He adds: "SMBs are now one of the biggest growth areas. A lot of big companies have been running into hot water, and as a result a lot of small businesses starting up. These companies don't have a complicated IT department, and so we have to make it simple for them to operate an IT system. This is really the booming sector today."

In order to stay connected and being ahead of their competition, many SMBs in the region are now investing in high-end networking and security gear for their organisations.

While SMBs require much of the same network hardware and software needed by enterprise networks, regional industry experts feel that SMBs should use routers, firewalls and other network appliances tailored for smaller networks, especially when the definition of an SMB set-up in this region means 50 employees or less.

Why network?

Information and communication are two of the most important strategic issues for the success of every business, especially an SMB. If you run an SMB set-up, chances are that your organisation uses a substantial number of computers, communication tools (telephones, fax, hand-held devices, and so on), and peripheral devices (such as printers, copiers, scanners, and so on).

So, if you have already invested in these devices, why isolate them? Get them all networked. By networking all these devices, you not only save money, but you also provide for a way for all your PCs, notebooks, and other hardware devices to communicate and exchange data.

Networking is all about sharing, and hence, it allows your IT infrastructure to connect to the internet, talk to each other, and share resources such as files and printers.

"If you are like many small businesses, you may be overwhelmed by a plethora of technologies that all claim to grow your business, reduce your expenses, improve customer service and enhance employee productivity. After all, your focus is on the day-to-day business, whether you are consumer service oriented (such as a retailer, restaurateur, motel operator and so on), knowledge worker focused (such as a law office, software developer, advertising agency, or a real estate agency) or in the wholesale product or service business," adds Ramin Attari, vice president for the Middle East at Nortel.

"We at Nortel are helping support SMBs in the region by providing them with the best connectivity solutions either at their desk or on their notebooks while on the move."

Only with the help of computer networks can a borderless communication and information environment be built.

Networking also adds a lot of flexibility in the way you work and spend time with your computers and electronic devices.

With a robust network in place, you can share a high-speed, broadband cable or DSL internet connection, so everyone can surf the web simultaneously.You can also access your own private e-mail account, while others cruise the web. Sharing of all types of files, including documents, digital images, music, video, and so on, is possible with a computer network.

You can also save money and time by sharing printers, scanners and other peripherals, and share storage space and access files on another computer through your network, thus minimising IT spend.

"The importance of networking has increased dramatically to businesses of all sizes over the last several years. As companies have continued to enjoy productivity gains through automation and faster access to information for decision support, they have consequently deployed more business processes and applications that rely on network connectivity to key computing resources and data depositories," explains Michael Rafael Cruz, head of Technical Department at D-Link Middle East.

SMB is a large and fast growing market segment in the Middle East. The safety and security industry is booming throughout the Middle East as the region deals with increase in a wide variety of security concerns ranging from identity theft, loss of confidential user data and productivity, bandwidth abuse, mail flooding, and so on.

"Networks today provide a key communications infrastructure for mission critical applications and business processes. With more and more mission critical applications running over networks today, the importance of networks have grown over the years."

Wired or wireless?

All networks are made up of basic hardware building blocks to interconnect network nodes, such as network interface cards (NICs), bridges, hubs, switches, access points, routers and so on.

Of these, two network components are most important - a router and a NIC.

A router is considered the heart of your network and is the device that routes all the traffic to and from the internet to the various computers on your network. It lets you share files and printers, and provides a basic layer of security from Internet threats.

A network adapter or a NIC allows your computers to connect to the network. If you already have a wireless or network adapter pre-installed in your computer, you may not need to purchase one. There are different types of adapters available, depending on if you have a desktop PC or a notebook.

Once you have decided that you indeed need a network for your SMB set-up, there's another question to ponder over - is it going to be a wired network or a wireless network?

While a wired network communicates through data cables, a wireless network uses radio waves to help you stay connected. Both the networks have advantages and disadvantages.

A wireless network provides you the mobility and freedom to work anywhere. Also, installing a wireless network is quick and effortless and has no restriction of wires or a fixed connection. A wireless network is also easy to expand, in case your business starts to grow.

"If you want to increase the on-site mobility of your people, you can deploy a wireless LAN and use telephony enabled notebooks and PDAs or wireless LAN handsets to stay connected. Staying connected ensures that time and distance doesn't become barriers to better customer service and more productive communications," adds Attari.

"When away from your office, you can connect your telephony-enabled laptop or PDA via wireless LAN hotspots in coffee shops, via an Ethernet jack in hotel rooms, and via DSL or cable modem connections at home. Just login to your office system and you can make and receive calls and have access to all the same features you are used to in the office. With a network at your office, you can also access various documents and files on your PC through a VPN (Virtual Private Network), while on the move."

Meanwhile, wired networks have been around for decades and the wired networking technology found today is known as Ethernet. The data cables, known as Ethernet network cables or wired (CAT5) cables, connect computers and other devices that make up the networks.

Wired networks are best when you need to move large amounts of data at high speeds, such as professional-quality multimedia.The benefits of having a wired network include relatively low cost to deploy, and the fact that these networks offer the highest performance possible - a standard Ethernet cable can offer up to 100-Mbps of data transfer rate, while a Gigabit Ethernet cable can offer a speed of up to 1000-Mbps.

Getting networked

While having a robust network backbone has become important for most companies in the region, the sheer amount of solutions available on the market might sometimes get overwhelming for SMBs who typically have no idea about what solutions to buy.

According to Harish Chib, vice president for New Business Development at Cyberoam, there are a number of ways to determine that - taking help of an IT consultant or appointing a full-time system/network administrator are some options.

However, for those who really don't want to complicate issues by including a third party in the decision making, or don't want to add to the headcount of their organisation, there are certain factors that should be considered.

First, one needs to understand that there's no "one size fits all" network solution available on the market. So, what works for the enterprise won't work for the SMB. The business organisation, technical sophistication, and management requirements of an SMB are quite different.

Also, the fact that small organisations can be entirely different from one another in terms of business requirements as well as technical capabilities can complicate matters further.

"Today the best methodology for SMBs is to ask the vendor for a proof of concept network for their customised IT needs for LAN and WAN, and total security needs. Vendors usually work with the clients and system integrators based on the same principles and thus we can tailor-make a solution according to that network needs, scalability, upgradeability, and so on," says Sumit Kumar, regional sales manager at US Robotics Middle East and North Africa.

Kumar further goes on to say that it is important for end-users to approach solution providers with a right view about their network traffic requirements and future load, and it is always best to set up with network with a mix of technologies from one vendor.

"Today IT managers, whether in the SMB or the enterprise space, want simplified IT networks and systems that are easy to manage," he claims.

"Thus, the regional market is moving more towards the unified-management and all-in-one devices from one vendor rather than installing bits and pieces from different vendors. Hence, the key is to choose and deploy the right technology, which is easy to manage and flexible enough to accommodate sudden needs and changes in their organisation."

Network security and SMB

In today's high-tech world, threats to small and medium business (SMB) networks, such as viruses and hackers, are becoming more sophisticated and more worrisome.

In the case of many small businesses, losing important data to such threats not only means lost business, but in some cases going out of business completely.

Being able to safeguard your business from these threats is a critical component of any good IT infrastructure and hence, it's smart to have a good network security system in place, should the unexpected happen.

"Threats have been largely classified as external and internal, and of all the threats, internal threats have emerged as the most frequent and damage-causing threats."

"Most SMBs are by and large aware of the threats and their capacity to cause damage to their businesses," adds Chib. "No doubt this is one of the main reasons for the growing security market in the Middle East. Moreover the growing popularity of identity-based unified threat management solutions (UTM) such as those from Cyberoam, which has proved effective in putting a lid on the internal threats like none other in the Middle East market. We as a vendor, send out monthly security reports to companies on our database."Securing your network infrastructure is like securing possible entry points of attacks on a country by deploying appropriate defense. Computer security is more like providing means to protect a single PC against outside intrusion.

The former is better and practical to protect the businesses from getting exposed to such attacks.

The preventive measures attempt to secure the access to individual computers - the network itself - thereby protecting the computers and other shared resources such as printers, network-attached storage connected by the network. Attacks could be stopped at their entry points before they spread.

As opposed to this, in computer security the measures taken are focused on securing individual computer hosts. A computer host whose security is compromised is likely to infect other hosts connected to a potentially unsecured network.

A computer host's security is vulnerable to users with higher access privileges to those hosts.

According to Nigel Hawthorne, vice president for International Marketing at Blue Coat, while some parts of security are well understood (content filtering for instance) there are new threats that appear every day, with old threats constantly changing.

"Hence, customers need constant education on new defenses against threats such as phishing, Web 2.0 and others. In addition, the change is always inherent in newer security threats, especially in certain areas, where the threats are not direct to the business, but these certainly need managing and user education (such as YouTube, Facebook, and so on)," explains Hawthorn.

"We have seen many SMBs demanding appliance-based network security devices, and I think that such appliance-based security solutions are the way to go."

Appliances to aid network security

Setting up and maintaining a reliable defense around your network takes hardware, software, diligence and a good measure of security expertise. That's a tall order for a small business.

But that's exactly what it takes to track constantly evolving threats, to monitor network activity and to maintain the collection of tools required to combat attacks.

For many small businesses, it makes sense to use an integrated security appliance. A security appliance consists of a collection of security tools built into a single box, and the box is installed at the customer site, typically between customer equipment and the internet.

Security tools may be automatically updated over the network through a subscription service. Such appliances are often called Unified Threat Management (UTM) devices.

Popular with many businesses, UTM is a category of security appliances that integrates a range of security features into a single appliance. The five most common security tools integrated in an UTM include a firewall, a virus detector, a spam filter, an intrusion detection system and content filtering.

A firewall is a network filter, blocking or allowing network traffic to pass according to attributes such as the destination port, or the IP address of the sender.

A virus detector meanwhile blocks traffic that includes certain patterns that match signatures of known viruses. A spam filter on the other hand, identifies and blocks spam e-mail.

An intrusion detection system/intrusion prevention system (IDS /IPS) looks for unusual access patterns that might indicate an attack is underway and may take action to block the attack.A content filter blocks content from a list of web sites, blocking illegal, objectionable or non-business-related content.

"Software-only security solutions just provide obfuscation. This is why software alone is not robust enough to withstand many common attacks," adds Cruz.

"Hardware based security solutions are very hard to be broken down. If they are broken down, the cost paid for relevant attack mechanism will be extremely high. The kind of high cost will significantly reduce or even eliminate the incentive to tamper with the device. Therefore, hardware-based security solutions provide the necessary security strength for the whole networking infrastructure. It also makes security transparent to the end-user and improves the performance of the security solutions."

According to industry experts, a UTM is designed to protect users from blended threats while reducing complexity. UTM appliances offer a way to manage multiple appliances from a single location, create and manage global security policies, provide real-time monitoring and logging, as well as provide a single interface to manage security.

It's basically the evolution of traditional firewall and VPN (virtual private network) solutions that incorporates many additional products and services. "Integrated security solutions have evolved as a logical way out to tackle the increasingly complex blended internet threats.

The shift in the SMB sector towards an internet-enabled business model and expansion of large enterprises has given rise to the adoption of integrated security appliances," says Chib.

"Appliances that combine multiple security functions in a single box, popularly called UTM, are popular choices of the SMBs."

Chib also adds that mid-sized enterprises have been fed a constant diet of increasingly narrow security technologies to solve narrow problems.

He says that clearly with increasing threats looming over their networks and ultimately on their business, they don't want another box to solve another problem. The needs are about leverage, simplicity and integrated management capabilities.

"Standalone solutions like AV, AS, Firewall fail miserably in keeping threats away. The SMBs today are largely looking at UTM solutions that can ward off both internal (purported to account for more than 50% of the total threats according to industry sources) and external threats," claims Chib.

"The reasons largely have been that with an increase in blended threats and the advent of 'zero-day' attacks, there arise a need for a multifaceted security solution that could proactively control the threat entry and where the various security functionalities are interoperable."

According to Chib, third-generation UTMs such as Cyberoam have found popularity among SMB sector as they provide comprehensive internet security by integrating a range of security features such as firewall, virtual private network, antivirus, anti-spam, intrusion detection and prevention, and content filtering.

"This is in addition to enhanced productivity through bandwidth management and multiple link management over a single platform. Moreover, Cyberoam UTM tackles insider threats by integrating identity controls and thus can identify the exact user and not just the IP address of the machine," he explains.

Many of the antivirus and security functions integrated into appliances can also be incorporated into your network via software.

However, over traditional software solutions, appliances offer many benefits including the following: it's easier to configure and manage, offers better integrity (it's harder to get through an appliance compared to a basic computer running security software), and features better overall performance. When choosing a software solution, you also need to consider additional products and hardware (operating system, server hardware, storage servers) and also provide maintenance, and set-up configuration for the solution including deployment, upgrades and monitoring.The additional hardware requirements and configuration and maintenance costs are reduced or removed with appliances.

According to Kumar, there is still lot of loopholes in the SMB networks' backbone, when it comes to stopping all the external attacks.

"There are different types of vulnerabilities still facing the SMBs such as e-mail spam, phishing, DoS (Denial of Service attacks), and so on," says Kumar.

"Corporate e-mail systems in an SMB set-up are most of the time at the receiving end, because these are always easily compromised by external threats. Hence, the right direction for SMBs is to invest in a unified solution such as an UTM, which combines the power of a firewall, an intrusion detection system and an intrusion prevention system."

Shahnawaz Sheikh, regional sales manager for Middle East and Africa at SonicWALL, is of the opinion that as most of the surveys done across the world by third party organisations talk about the growing demand for hardware-based solution over the software, it's no different for the Middle East region.

"The hardware-based solutions offer less dependency on other applications, operating systems and so on. For instance, SonicWALL solutions are combination of hardware and software - the software security services run on a SonicWALL hardware, which means deployed at the entry point of the network we can protect the threats of any breed of network," he explains.

"This essentially means that you may have multiple operating systems, several different applications and network resources on your network - all of these are protected at the same time."

SMB sector on an upswing

Research firm IDC expects a variety of evolutionary and even revolutionary changes that will drive opportunities on a worldwide and regional basis as broader economic issues complicate spending growth.

Increasing alignment of technology, distribution, and customer will be a key trend throughout 2008. 'A growing number of technology providers will invest time, talent, and money in the worldwide SMB market," says Raymond Boggs, vice president of SMB Research at IDC.

"Different regions offer different kinds of opportunities, but the concentrated focus on effective messaging, innovative products, and efficient distribution will be at the heart of vendor success across geographies."

Industry experts also believe that in the wake of increased information threats and rising instances of intrusion and hacking, the worldwide market for network security appliance and software is expected to grow to US$6bn by 2009.

According to research agency Infonetics Research, the worldwide network security appliance and software market grew 20% to US$5.2bn in 2007 over 2006.

"2007 was a strong year across the board for the network security market, with nearly all segments contributing to the strong growth," said Jeff Wilson, principal analyst for network security at Infonetics Research.

"Secure routers and SSL VPN gateways did particularly well in 2007 and we expect them to continue selling well at least through 2011."

What you need and expect from a network

• Network size and area: how many of your employees will want to share files, hardware or software? Will your computers be networked within one office or among several geographic locations across a particular region?

• Network administration: do you want to have responsibilities centralised into one network administrator position or should all staff take some responsibility for deciding what can be shared and when to do software upgrades and back-ups?

• Wireless networking: how many employees would benefit from wireless connectivity? Which areas or locations need wireless coverage?

• Sharing hardware and software: Do you want employees to share hardware (printers, modems, fax machines) and software or just files?

• Investment protection: Is your network infrastructure able to address today's increased demands and still prepare for the unknown demands of tomorrow?

• Security: will most employees have access to information, with only a few files requiring protection or will you have a number of layers of access? How sensitive is most of your information?

• Expansion: do you foresee your business expanding quickly in the near future or more slowly and steadily?

It is worthy to note that integrated appliances and software made up 85% of all network security revenue in 2007, with intrusion detection / prevention systems making up 15%.

"SMB is a large and fast growing market segment in the Middle East. The safety and security industry is booming throughout the Middle East as the region deals with increase in a wide variety of security concerns ranging from identity theft, loss of confidential user data, loss of productivity, bandwidth abuse, mail flooding, and so on," explains Chib.

"Based on an IDC report, the Middle East, led by the UAE, has spent US$4.718bn in 2005, a 15.6 percent increase over the previous year. These figures then reached US$5.620bn in 2006. According to IDC, the figure is further expected to reach a whopping US$9.338bn in 2009 at a compound annual growth rate (CAGR) of 18.6%."

It was once believed that network complexity was one of the key reasons for SMBs shying away from adopting various networking technologies available on the market - not anymore.

Today, SMBs are forging ahead in the adoption of newer networking technologies, having realised the business benefits behind new generation networks that offer converged data, voice and multimedia.

Kumar says that IT infrastructure investments are growing year over year in the SMB sector and most of the companies are now realising the needs of establishing a robust connectivity and security backbone for their organisation.

"We have seen more and more SMBs adopting alternative networks such as Wireless LAN for the office networks and implementing unified threat management systems (UTM) when it comes to achieving a complete security system for their networks. Also since last year, IP telephony is at the forefront of communication platform and many companies in this space are analysing VoIP technologies, too."

Chib adds that the rising popularity of UTM points to the fact that point solutions cannot tackle the complexity of blended threats whether external or internal.

"An integrated approach towards security is the right choice as there is a need for a multi-faceted security solution that could proactively control the threat entry and where the various security functionalities are interoperable," he explains.

"Only an UTM can offer multiple security features over a single platform, providing a coordinated defence against all emerging and blended internet threats."

SMBs were indeed once constrained by the limited technologies and tools available to them, and this impacted their ability to grow and succeed.

But things are changing as many companies are arming SMBs with customised technologies such as internet access solutions, networking tools, contact centre integration, security solutions and remote working, to name a few.

The technologies are already there - it however is just a matter of choosing the right tools and solutions for your SMB set-up.

Factors to consider when buying a network security appliance· While selecting security solutions, some of the points that should be kept in mind are:

• Point solutions such as a firewall, an antivirus or a pure intrusion detection/prevention system will not provide the multiple features and unmatched performance of integrated UTMs. For instance, a pure firewall won't suffice if the network comes under an attack beyond its capacity.

• In the face of rising insider threats it is important for security solution to identify the source of threat rather than just the internet protocol (IP) address. A threat can be detected on time before it matures into a full-scale attack if the user's identity is deciphered.

• It is important to ascertain whether a network security appliance vendor has included the specific features indigenously in order to get good support and updates.

• It is often thought that UTM provides lesser granularity as compared to a single appliance. This was true with the first generation UTMs. But new generation appliances have granular features with ease of installation and maintenance.

• Checking the background and technical history of the vendor is a must. The existing OEM agreements the company may have and its salient features must be verified along with the manufacturer's indigenous contribution to the tie up.

• Also, a UTM should have the certifications such as Checkmark, ICSA and VPNC.

RELATED LINKS: Printing money

For all the latest tech news from the UAE and Gulf countries, follow us on Twitter and Linkedin, like us on Facebook and subscribe to our YouTube page, which is updated daily.

Subscribe to our Newsletter

Subscribe to Arabian Business' newsletter to receive the latest breaking news and business stories in Dubai,the UAE and the GCC straight to your inbox.