0800 799 7322
The core of good network security can be boiled down quite simply: you need to be able to monitor and control what goes on inside your network – letting in devices and traffic that are allowed while quarantining devices and traffic that could pose a cybersecurity threat.
Traditionally, this role is performed by your network’s internet firewall which – when properly implemented – provides an excellent first line of defence.
But there are limits to what even the most high-tech firewalls can achieve. Firewalls will not be able to see all of a network’s perimeter and certainly can’t stop users from making new, unauthorised network connections. In fact, plugging an inexpensive WiFi access point or router in to a spare Ethernet port on your network can completely bypass firewall controls and let anyone inside.
With today’s cybersecurity landscape, it’s crucial to maintain control over your network’s perimeter; to draw a line in the sand around your entire network and vigilantly police what goes on within it. This isn’t something that a firewall can achieve on its own.
Download paper for more details
Strong perimeter security practices focus on monitoring all areas where your network connects to other networks, called “edge connections”. Perimeter security tools ensure you’re in total control of the devices (such as routers, switches, VPNs, and firewalls) that carry traffic in and out of these edges.
Perimeter security is an integral part of many well-established cybersecurity frameworks. Standards like ISO27001 and the Cyber Essentials scheme encourage organisations to carefully defend their network’s edge connections from external threats.
Securing all edge connections is crucial. Without them, unauthorised users could gain access to systems and data, potentially leading to a breach. Perimeter security is also important in the fight against malware, as infections are easily transmitted across unsecured network perimeter connections. It’s this behaviour that made the WannaCry ransomware outbreak so prolific.
Your network’s edge connections effectively serve as the barrier between
your known IT infrastructure and external networks. External networks in this case could mean the open internet, third party WANs, high security networks,
or guest WiFi, so maintaining control over them (and generally keeping each area of the network “in its lane”) is essential.
When you know the extent of your network’s edge connections, you can implement meaningful controls that stop unauthorised access
to sensitive systems and data. In this way, sound perimeter/edge security practices can help you comply with GDPR and other data protection regulations.
To illustrate the purpose of good perimeter security, let's look at an example. Say a user plugs a cheap WiFi access point into an open Ethernet socket
within your network. They may have truly innocent intentions – say to improve WiFi coverage to their department.
But from an information security perspective, they’ve just opened a potential gateway for hackers, malware, and other cyber-threats to enter your network;
especially if they use the access point’s default login credentials.
Good perimeter security systems will immediately detect this new piece of edge hardware and can either shut off port activity or alert a technician to investigate.
Rebasoft provides a continual, real-time picture of your whole network, enabling it to detect, track, and authorise new edge connections in moments. Our system can automatically switch off port activity to suspicious hardware almost immediately, enabling engineers to query new devices and manually approve or deny access.
The platform also monitors how traffic flows in and out of your edge connections, to ensure that data is only moving in and out of the network in approved, non-suspicious ways.
When a new piece of hardware is attached to the network, Rebasoft will automatically assess whether it is capable of edge connections; and if so, it will check that those connections are only pointing to approved network hardware. Following this initial approval stage, Rebasoft will continue to review the device (and indeed the entire network) for any changes.
If Rebasoft discovers that new network equipment has been connected in a way that isn’t approved by your IT team, it can quarantine the new device or simply alert an engineer.
Additionally, Rebasoft monitors how traffic flows through your network’s edges, ensuring that both third parties and internal users are only accessing resources that they have authorisation to access. It can also query or halt systems that are being obfuscated through services like VPNs or TOR.
1. Continually monitors your entire network, reporting on new equipment including switches, routers, firewalls, and WiFi access points.
2. Maintains constant vigilance against unauthorised uses of your network, including use of non-compliant hardware and accessing external resources to conceal online activity.
3. Provides often overworked IT departments, CIOs, and CISOs with practical tools to monitor and enact functional edge security policies.4. Ensures that internal network users and authorised third-parties only access systems and data that they are allowed to.5. Uses robust port blocking to remove any suspicious edge connections from the network without having to manually search for and unplug any suspicious devices.
6. Identifies any security gaps that could leave you vulnerable to a cyberattack, like unauthorised WiFi access hardware or unsecured edge login credentials.7. Can pick up on data “black holes” where your network is dropping packets.8. Provides actionable, real-time alerts about network changes via email, Slack, or ServiceNow.9. Displays in-depth analytics about every network component, including serial number, OS version, SNMP status, routes, interfaces, performance metrics, connected end points, NetFlow traffic usage data, event history, TRAP data, syslog messages, and more
© Rebasoft 2009-2020