Written By Larry Hoehn
In my previous post, I discussed how wireless technology has a role when providing secure BYOD access. Along those lines, this article explains firewall technology’s role in a secure BYOD initiative.
Today's corporate workforce expects to access their corporate networks from personal mobile devices used both inside and outside the corporate walls. Providing this access to employees and contractors drives productivity gains and fosters innovation. While the benefits can justify the requirement, BYOD introduces elements of risk that legacy technologies have a difficult time addressing.
Old-school port- and protocol-based firewall security focuses on attacks directed from the outside in. This method assumes that devices inside the network are trusted: it allows access without consideration for the user’s identity, the device type, or the application in use. This leaves organizations open to attacks from inside the network.
Modern solutions take a new approach – these solutions map user and device information to network security policies, enabling IT to enforce what a user can access with a particular device and authorized application. Firewall policies can also enforce, among other things, bandwidth on a per-user or per-department basis.
How this works:
- Users and devices connect to the network.
- The wired or wireless architecture shares contextual data (IP address, device type, user role) with the firewall.
- The firewall monitors the network for policy violations based on who and what is connected to the infrastructure.
- Applications can be controlled based on who and what is connected to the infrastructure, or blocked if there’s no legitimate use.
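The flow above as a small Python sketch, added here as an illustration and not taken from any firewall product. It contrasts the port-based decision with a decision keyed on the shared context. The address range, role and device names, application labels and rules are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumed corporate range

@dataclass(frozen=True)
class Context:
    user: str
    role: str         # e.g. "employee", "contractor"
    device_type: str  # e.g. "corporate-laptop", "personal-phone"

# Constructed sample: context the wired/wireless layer shared with the firewall.
CONTEXT_BY_IP = {
    "10.1.1.20": Context("alice", "employee", "corporate-laptop"),
    "10.1.1.21": Context("alice", "employee", "personal-phone"),
    "10.1.2.30": Context("bob", "contractor", "personal-laptop"),
}

# Hypothetical policy: (role, device_type, application, action); "*" matches
# anything. First match wins; no match means deny.
RULES = [
    ("*", "*", "p2p-filesharing", "deny"),  # no legitimate use
    ("employee", "corporate-laptop", "*", "allow"),
    ("employee", "personal-phone", "email", "allow"),
    ("contractor", "*", "ticketing", "allow"),
]

def legacy_decision(src_ip, dst_port):
    """Port/protocol model: any inside address is trusted on allowed ports."""
    inside = ipaddress.ip_address(src_ip) in INTERNAL_NET
    return "allow" if inside and dst_port in (80, 443) else "deny"

def context_decision(src_ip, application):
    """Identity-aware model: decide on user role, device type and application."""
    ctx = CONTEXT_BY_IP.get(src_ip)
    if ctx is None:
        return "deny"  # connected but unidentified: no implicit trust
    for role, device, app, action in RULES:
        if (role in ("*", ctx.role) and device in ("*", ctx.device_type)
                and app in ("*", application)):
            return action
    return "deny"
```

With these sample rules, the contractor's personal laptop passes the port-based check on 443 but is denied a finance application by the context-aware check, and an inside address with no shared context is denied outright.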
The big benefit:
Security against known and unknown malware, zero-day exploits, and advanced persistent threats. The firewall automatically implements and enforces protection in near real-time to defend against dynamic attacks.
Stay tuned for my next article, where I’ll discuss a solution with a product use case!