Cloud-based firewall solutions are particularly beneficial for businesses and enterprises with multiple locations, as they eliminate the need for multiple boxes and receive constant updates if the firewall is hosted on the cloud. Cloud-based firewalls bring multiple benefits, such as not having to worry about the capital expenditure of buying a box, high availability, and geodiversity.
DDoS Protection vs Carrier-based DDoS Solutions
The next table-stakes security issue is DDoS attacks: attacks launched from multiple locations around the internet, all converging on a central point with the goal of overwhelming the protection that sits there (the firewall at the end) or a web or application server. DDoS attacks usually intend either to take a company out of service or to make some type of political statement. A firewall itself can prevent DDoS, but if the firewall is busy throwing away the trash that comes in with an attack, it becomes overwhelmed and stops doing its primary function, which achieves the end goal of the DDoS attack. The best way to combat a DDoS attack is to let a carrier deploy protection in their network, preferably at the very edges of the network; this is known as a carrier-based DDoS solution. The value of that is that if multiple businesses are located in the same general market and one of them is attacked, the attack could impact everyone, not just the targeted business, because the overall network is overwhelmed. By pushing mitigation of the attack as far out as possible, such as to the edge, nobody sees it and the attack is prevented by the carrier.
DDoS protection should be considered regardless, but the more optimal way to deploy it would be to use carrier-based DDoS solutions as they gain the benefits of being able to push it out to the edge.
A carrier-deployed DDoS protection solution may also benefit from threat intelligence related to attacks around the country or the globe. This intelligence allows an attacker’s signature to be known even before the attack spreads to the carrier’s edge.
Endpoint Protection vs Holistic Endpoint Protection Solutions
The next thing that would be considered table stakes is protection of the endpoints in a network, known as endpoint protection or EPP. When you go online to a secure website, such as an online banking login page, you would most likely see that little lock on the left side of the address bar, which basically means that traffic is being encrypted. Encryption is a good thing, but as more and more Internet traffic becomes encrypted, the firewall itself can't see what's going on as traffic passes through, so threats are going to get through to the end user's computer. Something may look normal to the user but could contain a virus or malware. And just as the firewall needs to have those regular updates, it's terribly critical that endpoint protection software is also updated continuously. Buying EPP individually and putting it on individual computers is good, but it's not ideal. What you want is a holistic endpoint protection solution for a company. A holistic
Cyber Defense eMagazine – December 2022 Edition
Copyright © 2022, Cyber Defense Magazine. All rights reserved worldwide.