How to Control Social Media Privileges via Firewall

facebook-firewallRunning a large or small company these days should focus on more than just business and overall return on investments. In order to keep track and stay on top of the crowd, you must ensure that your customer’s data is secured! According to firewall manufactures, modern malware is adept to hiding from security thus why business people endeavor to find swift solutions.

Firewalls are the foundations of network security. Since networks are strategically deployed on specific and critical chokepoints in the network, their stability and reliability is primary. This is why the next generation firewall (NGFW) must maintain the same principals in order to serve companies with positive results. Essence of NGFW must be based on stability, reliability, fast and admirable flexibility just as the current firewalls.

In order to address issues of security, NFGW will be required to provide granular control based on the underlying applications. For instance, in cases where unwanted applications may not be able to navigate past HTTP or even HTTPS, establishing those secure parameters will aid in the process and in return ensure that administrator security is well defined in accordance to the security polices with regards to the applications and ports alike. A very good example is the situation where the administrator will have the privileges of blocking all Skype traffic but allowing similar applications such as twitter to stream.

Although application control is the point of discussion, these days research carried out by NSS Labs indicate that most corporations are reluctant to embrace the designed technology beyond what they already believe in. This is why research further evaluates the need for enterprise security to help users understand that they are apparently not bypassing the corporate firewall by tunneling Skype, instant messaging, peer-to-peer or even IRC applications over HTTP but rather a technique in which enterprise security is working to help users see the value of responsibility and good behavior in such matters.

Since enterprise security views various activities on social media as things meant to occur during corporate lunch breaks, such as playing games on Facebook like Mafia Wars, Farmville among others, it means that the corporate ownership should be based on HR and not Security. More research identified that enterprises with web proxy/filter and corporate sponsorship within the HR department and perhaps managed by IT and security, then the policing and responsibility of users will be based on the web filtering solution and not corporate firewall as previously discussed.

It should be noted that identifying users and applying security policies based on identity is also an affirmative action that should be employed. The NGFW should target application of full strength IPS functionality, this will be able to consolidate security enhancements and further aid in identification and blocking unwarranted intrusions.

nextgeneration firewall3Depending on the discussed points above, it’s primary to consider the following factors in the NGFW device

1.      Traditional firewall­: this comprises of basic packet filtering, stateful multi-layer  inspection, NAT, VPN, high stability and high availability
2.      Integrated IPS: especially that designed with strength in client side protection
3.      Application awareness or control
4.      User or group control

5.      Ability to operate at layer 3: this is either traditional or in layer 2, bump in wire

After several security tests that would aid in understanding firewall breach and security measures to undertake. Experts used the same methods that Cyber criminals and hackers would employ to infiltrate security through social media. However, there were positive results that showcased the value of NGFW and the role it would play in the corporate industry to secure sensitive data in terms of performance, tuning as well as protecting desktop clients.

Regards,

Carmit Yadin


Categories: Security and Networking, Technology

Tags: , , , , , , ,

2 replies »

  1. Another great post, Carmit! Thanks for your thought leadership in this area.

Leave a Reply

%d bloggers like this: