FUTURE OF NETWORK SECURITY

The Future of Network Security



Abstract

In this study, we try to explore the concept of “Future of Network Security” in a holistic context. The main focus of the research is on “Network Security” and its relation with cloud computing. The research also analyzes many aspects of network security and tries to gauge its effect on “Cisco, SecureX, and Security architecture. Finally, the research describes various factors which are responsible for “Network Security” and tries to describe the overall effect of network security on Cisco, SecureX, and Security architecture.

Table of Contents

Abstractii

Introduction1

End of the Static Endpoint2

Cloud Computing4

Advantages of Cloud Computing6

Risk for a Computer Disaster7

Network Security10

Preservation of IP12

Preservation of DNS15

New Network Technologies in Security Profiles17

Revolutionary Change18

The Solution is to XTM19

Robust Protection20

Synonymous with Business21

Mobile Data Computing22

Back to Backhaul23

The Blueprint for Securing the New Enterprise24

Three Major Trends25

New Dynamics of Networking and Security25

New Architecture of Cisco Network Security25

SecureX Security Architecture26

Conclusion27

References30

The Future of Network Security

Introduction

There are three major trends sweeping through the enterprise: the rapid rise of the consumerized endpoint, the onset of virtualization and cloud computing, and the growing use of high-definition video conferencing. Each of these critical technologies is transforming business—and forcing a fundamental shift in how security is developed and deployed.

Today's security solutions are largely centered on protecting the physical infrastructure, and traditional security policy is expressed in terms of a particular device such as “the corporate PC,” an IP address, a network port, or an application protocol. In an increasingly mobile, borderless world, this construct is becoming significantly less relevant. To address new network and security dynamics, new security architectures need to be much more sophisticated. We need a sophisticated policy language that can be expressed in terms of who, what, where, when, and how. Security needs to be separated from the physical infrastructure underneath it. And it needs to be highly distributed so it can be deployed globally and can be available wherever and whenever the borderless enterprise touches the public Internet. Cisco has developed a bold new architecture to meet the needs of borderless networks, allowing organizations large and small to collaborate easily, and their new workforce to roam freely, with confidence (Midkiff, 2008). This architecture allows for more effective, higher-level policy creation and enforcement. Since it uses a broad array of parameters for policy, it allows for much more effective security and enables situational awareness. Instead of a great many complex firewall rules, security policy can now be based on context, such as “the VP of sales can access the global sales forecast, but if she is seeking access through a smartphone in China using a strange protocol, and meanwhile she already authenticated herself through the main campus in California two hours ago, this connection is invalid” (Spainhower et al, 2008).

This sort of intelligent policy enforcement uses next-generation scanning elements that are meshed into the new Cisco® SecureX Architecture. Within this new architecture, the next-generation endpoint is able to automatically find the nearest scanning element somewhere in the virtual security fabric and to make a seamless ...