Today’s corporate networks increasingly use the Internet, and therefore have external interfaces. This network topology creates vulnerabilities that can be exploited by hackers to attack business applications and to gain access to business-critical data undetectedly. Business organizations of all shapes, sizes and industries, require effective protection against external threats of this kind.
Security by Design
To be effective and efficient, security requires a coherent end-to-end approach. And network security also prompts the question: make or buy? A key factor is security by design: in other words, corporate networks that are professionally planned and engineered from the ground up – and deployed in conjunction with automated roll-out and operational processes. The ideal solution is a combination of the provider’s standard security mechanisms and customer-specific additions, plus ongoing monitoring.
Fundamental protection through MPLS
It is possible to build solid foundations for security within a WAN environment by employing an MPLS network – where data is transmitted within a closed infrastructure operated by an MPLS provider, not via the public Internet. As the network topology is not visible to external parties, hackers struggle to find a way in. The structure of an MPLS network makes it inherently secure. Moreover, the infrastructure is monitored around the clock by the provider
Internet VPN security and bandwidth
An Internet VPN provides robust network security. Encryption and network access control – e. g. user authentication based on certificates – create sufficient protection for almost all use cases. But an Internet VPN cannot support guaranteed transmission parameters, such as latency or bandwidth. However, Internet VPN technology is an attractive option for many applications that require high bandwidth but are not sensitive to latency – such as email and back-up systems.
Mobile communication creates chinks in one's armor
The increasing mobility of employees accessing applications and business data via LTE or WLAN creates new network security perils. Mobile devices open up serious vulnerabilities with regard to hackers, worms and other malware – a threat that is often underestimated. Because the security standards of smartphones and tablets designed for the consumer market are far below those generally applied to connections between desktop PCs and LANs/WANS and therefore require additional hardening to be safe
Encryption of voice communications within LANs and WANs
Migration to Voice over IP (VoIP) is an issue that impacts all customers and carriers, and is therefore a key aspect of network planning going forward. Voice entails changes to data streams, and new challenges for security. In particular, end-to-end encryption for sensitive content is a must, especially when VoIP connections extend beyond the corporate environment, or beyond the trusted carrier’s infrastructure.