The New Business Architecture: Making the Most of Business 2.0

Transcription

1 The New Business Architecture: Making the Most of Business 2.0 PROTECTION AT THE SPEED OF BUSINESS

2 This brochure will outline some of the key business trends created by the business 2.0 model, how they affect your network and what can be done to address them. Contents Optimizing your business through the network 1 The evolution of comprehensive protection 2 Improving your competitive edge with network consolidation 4 Profiting from the Business 2.0 world 6 Boosting productivity through data leakage prevention 7 Summary 8

3 The New Business Architecture: Making the Most of Business 2.0 The rules of business are changing at a breakneck speed. Despite the economic downturn, and in some cases because of it, companies are embracing business 2.0 the use of collaboration, technology and social networking to tackle business challenges at an unprecedented pace. In fact, 49% of enterprises believe they will have implemented 2.0 by the end of this year 1 and those that are not doing so risk losing their competitive advantage. However, this change is placing increasing pressure on businesses and IT departments to find new ways to adapt their organizations to the 2.0 world. At the heart of the 2.0 revolution lies a surge in user-generated information. Managing the availability and security of this information is paramount to both the successful day-to-day running and the long-term achievement of any business. However, the management of it can only be as good as the infrastructure of the network that carries it. At the same time, technology budgets that are under greater pressure than ever, have to stretch to cope with the spiraling number of devices, especially mobile ones, connected to the corporate network. Recent research 2 found that most executives use at least four different gadgets to access business information every day. When this figure is multiplied by even just 500 employees, the strain on the network becomes clear. Network architecture needs to be dynamic, scalable and agile in order to meet these challenges. By considering how you meet these trends you could not only lower your total cost of ownership but also enhance your organization s operating performance, while at the same time improving the amount and quality of information business decisions are based on. In reality, network architecture has a direct impact upon the business bottom line and you have the ability to ensure that impact is positive, measured and provable. Optimizing your business through the network These days business is looking to leverage existing assets and technology should not be overlooked in this quest. The corporate network has a significant role to play in optimizing business 2.0. The most important part of optimization is measurement: how can you know what to add or remove if you do not have a clear overall picture? Network management tools offer a crucial part of the solution. They provide a fundamental benchmark against which you can measure the degree to which your organization is benefitting from the full potential of its business assets. A comprehensive security solution should include management and measurement tools that provide an overview of all the information entering and leaving the network, showing where it is going and through which device it leaves and scans the security activity of each independent appliance. Imagine what you could do with this knowledge. As well as using it to improve your business performance, it can help ensure that your network security is aligned with your changing priorities. 1 Mesmo Consultancy, June 2009; 2 Redshift Research, autumn

4 Powerful network security solutions, like the SonicWALL Network Security Appliance, also allow organizations to give differing levels of freedom to their employees. This enables greater productivity as it gives users the ability to use the applications they need when and where they need them, optimizing their performance. Visibility of what is happening on the network at any given time enables the prioritization of network bandwidth usage, so that business critical applications like SAP run more quickly than social applications like Facebook. Being able to do that based on the application, type of service content or user profile is now essential in order to ensure your network is optimized for the business 2.0 world. Did you know? n Network security optimization can typically help companies secure revenue gains of between 10% and 30% 3 n Enterprises can expect, on average 30% more data to be delivered over the same bandwidth where performance optimization technologies have been deployed 4 n A plumbing company in the US saw network administration time fall from four hours per week to just ten minutes after installing SonicWALL products. The evolution of comprehensive protection It is easy to lull yourself into a false sense of security if you have not experienced a noticeable attack on your data or content for several years. Unfortunately, while the business 2.0 model means that is it easy to get connectivity, it is also means that it is easier than ever to attract a virus or become the victim of a security attack. What is more, threats will only continue to proliferate as not only traffic levels, but also the number of devices connected to the network, are increasing rapidly. Some of the biggest 2.0 related security concerns stem from the pervasiveness of applications, the user generation culture, the download phenomenon and content validation. Deploying a costly, overly complex network security solution does not always result in comprehensive protection for your organization. Threats are evolving on a daily basis in the second half of 2008 alone there was a 130% increase in unique malware 5 and that year 49% of businesses experienced a virus. 6 The static approach offered by most security solutions is not enough to protect you. Enterprises can expect, on average 30% more data to be delivered over the same bandwidth where performance optimization technologies have been deployed. Dimension Data Research Autumn 2008 In fact, the traditional fortress approach of a walled network perimeter is actually an inhibitor to today s business 2.0. Instead, to enable business to develop freely yet securely, organizations need to deploy a dynamic perimeter model where there is no distinction between internal and external users. Enterprise-level security and connectivity need to be able to change simultaneously, reacting to the business needs and therefore the individual employee s access rights in an instant. With the inexorable rise of anywhere, anytime working, traditional network boundaries have evolved to create an inverted network where the perimeter itself has dissolved and instead the network can go anywhere at anytime. Employees, whether they are in the office, working on a mobile device like a Smartphone, PDA or net book from a customer s premises, or at home using a fixed VPN connection from their laptop or home computer, expect instant access to the corporate network. As a result, companies need to find a way to offer immediate, secure network access to all employees. SSL VPN technology can provide that connection. It intelligently allows access based upon who and where the user wanting to connect is. 3 Analsys Mason 2009; 4 Dimension Data 2009; 5 Kaspersky Labs, July - November 2008; 6 Computer and Cyber Crime Centre,

5 Worryingly, most of the hundreds of thousands of remote connections today are not secure. For example, concerns have been raised recently about vulnerabilities that allow criminals to perform man-in-the-middle attacks, hijacking various browser and non-browser based SSL sessions. This can compromise secure data without the user being aware that the secure connection has been intercepted by an unknown third party. In addition, SSL sessions compromised as a result of the vulnerability can be used to install unwanted Trojans and malware on the victim s computer. The clean VPN principle can offer the higher levels of security that business 2.0 requires. When SonicWALL SSL VPN appliances are deployed in conjunction with SonicWALL NSA products, they offer a maximum security, in-office experience for employees wherever they may be. The SonicWALL products process all traffic coming into to the network via the encrypted SSL VPN, passing it through a UTM engine on the NSA, scanning, or cleaning, it before allowing it to pass through the internal corporate network. The SonicWALL NSA s deep-packet inspection engine provides rapid, advanced protection against viruses, spyware and other forms of malware, including Remote VPN (IP Sec and SSL VPN) man-in-the-middle attacks. A remote VPN provides mobile users With threats at not only the connection layer but also at the application and data transmission it is important to have protection that inspects in real time your company s application and data being sent in and outside your organization. However, millions of bytes of data are transmitted over the network every day and traffic technology. scanning can require an enormous amount of computing power. With traditional architectures, achieving the right balance between security and speed has been difficult, but fortunately new technology that scans data files and applications at very high-speed, for example SonicWALL s unified threat management firewall scanning on gigabit networks, has eliminated the firewall bottlenecks that drastically reduce application speeds. Deploying this technology has a direct impact on productivity as employees can access virus-free applications in a timely manner. with access to all office services and controls access to resources via user and groups while maintaining high levels of security through Clean VPN Did you know? n Trojans and malware now outnumber viruses in terms of risk to a network yet many gateway solutions still allow them to enter the corporate network 7 n In less than ten years the cost of bandwidth has fallen by around 90%. While this increase has given businesses ten times the available throughput for their money, it has also given hackers ten times the bandwidth in which to hide malware and other attacks. n The SonicWALL E-Class Network Security Appliance Series (NSA) is an industry first in terms of the speed and depth of data and application inspection, without degrading network performance. 7 Kapersky Labs 3

6 How SonicWALL can help you Advanced network security systems are often expensive, cumbersome and highly complex. SonicWALL allows you to break free: its solutions are robust, yet easy-to-manage and don t drain IT resources. The SonicWALL E-Class NSA Series delivers a breakthrough in network inspection capabilities: utilizing an ultra-high-speed deep packet inspection and traffic classification engine, the solution inspects real-time applications, files, and content-based traffic, without impacting network performance or limiting overall scalability. Its web-based wizard simplifies management and deployment. Remote network access control has become a business imperative. The SonicWALL Aventail series of products delivers a complete remote access control solution, without escalating infrastructure costs or complexity. Offering a single, centrally-managed gateway to control access to network resources, SonicWALL Aventail E-Class Secure Remote Access (SRA) solutions deliver flexible solutions for secure remote access, disaster recovery, mobile devices, wireless networking, network access control (NAC) and secure extranets. They provide ease-of-deployment and usage plus unsurpassed levels of granular control and connection to a wide range of leading end point devices. In addition, the management platform that the NSA Aventail products run on supports easy audits to help comply with regulatory requirements. The SonicWALL E-Class Network Security Appliance Series (NSA) is an industry first in terms of the speed and depth of data and application Improving your competitive edge through consolidation In these straightened economic times most businesses have already undertaken some consolidation and we are all familiar with the concept and the benefits it offers. However, as with optimization, without the one coherent view of your business how can you tell how and where to consolidate? While products from different vendors can often be integrated to work together, it is rare that you can benefit from all the functionality of each supplier s product all of the time they simply are not designed with working with other vendors in mind. In addition, when using a multi-tier approach from a range of suppliers it is hard to ensure that all the features you require are covered, yet none duplicated. inspection, without degrading network performance. One area that this is particularly true for is measurement and reporting: products offer varying levels of reporting, each manufacturer reports against different criteria and the reports are often not compatible rendering it virtually impossible to obtain one coherent view. As a result, many companies suffer from network blind spots which affect security, compliance, productivity as well as cost. Increasingly, organizations are turning towards service oriented architecture (SOA) cloud computing and virtualization. The benefits of SOA are clear, but they rely on network performance. If you cannot measure how applications are running over the network, you will be unable to reap the full benefits of consolidation. Network measurement tools are the glue that brings cloud computing and virtualization together, enabling you to maximize your assets, resources and connectivity. By internally sharing and correlating the findings of individual countermeasures and then facilitating a coordinated response, next-generation firewalls that are application aware can efficiently achieve a level of effectiveness that would otherwise require a substantial amount of manual integration among disparate solutions. They offer a consolidated view, on demand, of what is going in and out of your business. Similarly, having integrated management means that all of the security settings pertaining to a given domain can be established and maintained in a single place a characteristic which inherently helps minimize an all-toocommon occurrence with individual products where mis-communication and faulty configuration allows threats to slip through the cracks. The ability to consolidated management and reporting not only increases security but also allows organizations to become more compliant. 4

7 With SonicWALL s next-generation network security appliance, companies can combine several security products, such as content filtering and application firewall and anti-spam, in a single appliance. Multiple security applications can then be updated with a single download instead of separate ones for each product. This results in simple, less expensive management and lower running costs. In fact taking advantage of unified or integrated security solutions to replace or remove the need for further individual products will substantially reduce your total cost of ownership. Customers are reporting cost savings of 50% of more when products are consolidated with the SonicWALL Unified Threat Management Solution (UTM). This is coupled with a simplification of security infrastructure, which boosts its effectiveness. When managing multiple devices and security policies, complexity grows exponentially in relation to the number remote or branch sites that must inherit the same level of protection as the central site. For distributed networks with dispersed branch offices and remote sites, SonicWALL s Global Management System (GMS) simplifies the complexity of network management and reduces administration time, through its monitoring and reporting functions. It also provides enterprise-class scalability and redundancy, which assists in maximizing network up-time resulting in lower project risk and total cost of ownership. Did you know? n The individual point security appliance until recently the main enterprise securitproduct has now become part of most organizations security problems. n On the other hand, companies deploying unified solutions saw on average over twelve months reduced total cost of ownership stemming from 8 : 20% reduction in actual threat related incidents 14% reduction in audit deficiencies 11% reduction in unscheduled downtime 5% reduction in associated staff n Consulting firm Opus One says, SonicWALL has garnered tremendous loyalty from its customer base by offering network managers a UTM feature set at a competitive price. How SonicWALL can help you Sourcing, installing, integrating and maintaining security products and services from several suppliers can be expensive, complex and prevent your organization from taking full advantage of the business 2.0 opportunity. With the SonicWALL E-Class Network Security Appliance (NSA) Series, companies can consolidate security applications running on separate pieces of hardware, for example, gateway Anti-Virus, gateway anti-spyware, intrusion protection, content filtering, application firewall, SSL VPN, and anti-spam, onto a single piece of multi-function hardware for easier, cheaper management and lower power consumption. The SonicWALL Global Management System (GMS) helps enterprises to manage thousands of devices and security policies across distributed geographic locations and to deploy appliances and new configurations rapidly. The solution securely centralizes and simplifies management, configuration, planning, auditable logging and compliance reporting to help global regulatory initiatives. All of this ultimately translates to a lower total cost of ownership (TCO) in managing distributed enterprise networks. SonicWALL has garnered tremendous loyalty from its customer base by offering network managers a UTM feature set at a competitive price. Opus One Tucson, Arizona 8 Aberdeen Group, September

8 Profiting from the Business 2.0 world Business 2.0 is based on an application-woven philosophy where applications are all interlinked and provide the core method of recording and storing business information. As a result, applications on the corporate network are exploding: the average employee uses at least twelve different applications on a daily basis, compared with just six five years ago. Also, the implications of all these new applications on network design, bandwidth capacity, security, service quality and productivity is significant. If information is the engine of the 2.0 model then applications, which give meaning to this information, are the wheels. For example, web 2.0 applications typically devour bandwidth putting them in competition with other business applications. Users from all sides of the network expect speedy access to their applications but some applications are more important to the business than others are. Tests reveal the SonicWALL NSA E7500 unit s 96% success rate at blocking attacks is the best result, by far, for similar products. Lab test result, InfoWorld Magazine May 2009 How do you know which are the business critical applications and then how do you ensure they have bandwidth priority? The advent of business 2.0 means that being able to prioritize based on the application, type of service content or user profile has changed from being an option into an essential. Ensuring critical applications that are cloud-based or are running across geographically dispersed networks have priority access to the network bandwidth they need to operate is a key part of improving business productivity. Furthermore, burgeoning applications mean burgeoning security threats each application is a target for cyber criminals, especially as many carry company confidential information. Without appropriate management and safeguards, the application-woven basis of your business could actually cost more than what it adds to the business. Fortunately, there is one technology that can address both these issues. The next-generation application firewall outlined earlier sees beyond just data addresses by looking into the content of each individual data packet travelling over the network, both inbound and outbound, in real-time, and therefore provides much greater protection than the traditional firewalls that most companies deploy today. It performs application access control, regulates internet traffic, , attachments, and file transfers and supports bandwidth management. The packet inspection is done at extremely high speed and therefore many of the issues of latency and buffering that users complain of when accessing applications disappear. One important added bonus to the next-generation application firewall is that it comes as an integrated component of the SonicWALL NSA products and does not require additional funds to purchase. In short, when appropriately managed and measured the application-woven model can securely deliver improved productivity and time and cost savings to your business. In fact, with employees and partners able to access key applications all them time, it can enable a step-change in the way you do business. Did you know? n 25% of employees undertake peer-to-peer file sharing at work 9 n 42% of office workers between the ages of 18 and 29 discuss work-related issues on blogs and social networking sites 10 n Tests reveal the SonicWALL NSA E7500 unit s 96% success rate at blocking attacks is the best result, by far, for similar products 11 9 Equifax, 2007; 10 YouGov, 2008; 11 InfoWorld Magazine, May

9 How SonicWALL can help Outdated, stateful inspection methods are no match for today s firewall-evasive attacks. SonicWALL E-Class NSA appliances provide a new level of protection and network control, delivering a suite of configurable tools to prevent data leakage while providing granular application control. More than simply a security approach, the solution integrates multiple security products, including unified threat management and an application firewall, for multi-threat protection. Boosting productivity through data leakage prevention Like any other engine, the information powerhouse of business 2.0 needs to be monitored and cared for to ensure its best performance. With so many applications and devices connected to the network, information in business 2.0 can easily be subject to theft and online defamation. Do you know exactly how information is entering and leaving your organization? Do you know where all the information passing over your network is going? If you are not closely monitoring your information, it is likely that some of it is seeping out of your company. For example, in many companies, either outbound does not pass through their security system or the system does not check the content of attachments. In either case company confidential attachments can easily leave the organization. These leaks, although usually innocent, can still give competitive advantage to other companies or tarnish your reputation. If your outbound traffic goes through a next-generation firewall, you should be able to detect and block this data in real time. Information that you feel should be company confidential can have a digital watermark attached that the firewall detects and therefore does not let it leave the network. In addition, specific solutions, like SonicWALL Security, scan and audit both in-bound and outbound s before they leave or enter the corporate network providing additional protection and ensuring compliance. Addressing the challenge of data leakage relies on the same principles and technology as the other challenges discussed above. This is unsurprising, as business information needs to be treated as a whole. Individual siloed solutions for different aspects of your information architecture will not enable you to address the business challenges that the 2.0 world poses or drive your business forward. Did you know? n Data leaks are catching up with viruses as the worst IT headache for companies 12 n 6% of employees admit to having leaked company information but 16% believe that other employees have caused data leaks 13 n Over 10,000 companies worldwide use SonicWALL s powerful security solution to protect themselves from inbound threats and to secure their outbound and private or confidential information. 12 VNU, 2008; 13 Trend Micro

10 How SonicWALL can help Enterprise-level protection need not be complex. SonicWALL Security delivers the highest level of protection for the enterprise without the complexity: it provides powerful protection against spam, virus and phishing attacks in addition to preventing violations of regulatory compliance laws. SonicWALL Security can easily scale with your company s requirements, allowing you to keep up with the rapidly increasing flood of while the policy engine allows you to create and enforce specific policies designed to ensure the highest level of compliance possible. In addition, SonicWALL E-Class Network Security Appliances monitor all outbound traffic, ensuring that confidential information is not released via corporate or personal web-based accounts. Summary The era of business 2.0 is already upon us and companies that are not embracing it will be left behind. The challenge for CIOs is to ensure their business architecture is 2.0 ready and secure while at the same time is pushing down costs and improving return on investment across the organization. The key to this type of enablement lies in looking at the broader picture, rather than thinking solution-by-solution, as most companies have done to date. A siloed, unmanaged network will hamper productivity within your organization simply because you do not know where to consolidate, what your security weaknesses are or how to improve application availability. Without a single overall view of your network, over which the information essential to the running of your business flows, you cannot optimize it. If your existing network products do not address the issues discussed in this document, then not only are you missing an opportunity now, but it is likely that you will have to change solutions in the next few years to support business changes within your organization. Take the SonicWALL challenge today and ask your supplier if they can enable your network to address these new business 2.0 opportunities and create for your organization a powerful new business architecture. Product Line Brochure Corporate networks: Business 2.0 and beyond Read the SonicWALL E-Class Product Line Brochure PROTECTION AT THE SPEED OF BUSINESS Read the white paper: Corporate Networks: Business 2.0 and Beyond Click here to opt in to receive SonicWALL newsletters 8

11

12 SonicWALL, Inc Logic Drive T San Jose, CA F SonicWALL and the SonicWALL logo is registered trademarks of SonicWALL, Inc. Protection at the Speed of Business is a trademark of SonicWALL, Inc. Other product names mentioned herein may be trademarks and/or registered trademarks of their respective companies. Specifications and descriptions subject to change without notice. 09/09 SW 719