Firewalls are useless if threat slips through network: Zhong Wang of Hillstone Networks

Hillstone Networks, an enterprise network firewall solutions provider, recently released a major update of its data center firewall capabilities, which aims to increase the quality of security infrastructure for regional data centers. Zhong Wang, Co-founder and Vice President, Product Management, Hillstone Networks in a conversation with Techseen explains the security issues looming over the growing number of data centers and suggests ways to tackle them. Excerpts:

Techseen: What are the common problems of data breaches that companies face today?

Wang: Today’s IT landscape is in a constant state of flux. More IT services are being delivered via the cloud, and high profile data breaches are becoming commonplace. When applications, services and the perimeter become more and more fluid, there is clearly a challenge to achieve effective security with traditional security solutions.

This is why collaboration between the network and endpoint is critical to achieving competent security for organizations. When dealing with threats in a holistic manner, both external and internal threats must be given equal importance. In recent years, there has been a shift towards proactively monitoring the networks.

Techseen: Can an effective firewall counter the problem of data breaches?

Wang: While firewalls alone can detect and prevent external threats, they are rendered useless if a threat slips through the network. This is why there is a need to consider technology that not just address post breach issues but take care of internal network monitoring functions as well.

In fact, it is external parties, instead of the impacted companies themselves that discover 75 percent of breaches. On average, while a network is breached in mere hours, it takes an average of 200 days to be detected.

Techseen: What solutions does Hillstone Networks provide to mitigate the problem of data breaches?

Wang: Hillstone Networks offers a broad range of security solutions for enterprises and data centers. We provide continuous threat defense not only at traditional perimeters, but also within internal networks that delivers 360° protection to the network, whether it’s physical, virtual, or in the cloud.

In physical environments, Hillstone offers Intelligent Next-Generation Firewalls, deployed at the enterprise perimeter or inside the network. It monitors the network continuously for anomalous network behavior and security breaches.

For perimeter protection in virtual environments, Hillstone offers a complete virtual firewall solution available in a software form-factor, called Hillstone CloudEdge. For cloud deployments that require complete East-West traffic security, Hillstone uses micro-segmentation technology to protect each virtual machine in the cloud.

Techseen: With Internet of Things paving its way to our personal devices, what kind of threats are we exposed to?

Wang: IoT risks are complicated due to their highly connected and accessible nature. IoT devices typically incorporate sensors, switches and logging capabilities that collect and transmit data across the internet. Some devices may be used for monitoring, leveraging the internet to provide real-time status updates.

Poorly secured smart devices become a threat to the network’s security, since they are often connected to your network, and are situated where they can access and monitor other network equipment. It is easy for attackers to leverage a compromised IoT device to bypass the network’s security settings and launch attacks against other network equipment “from the inside”.

In addition, since IoT devices are network sensors, they rely on manufacturer servers to carry out processing and analysis. End users freely share everything from credit information to intimate personal details. With manufacturers collecting so much data, data storage by third parties become a significant concern. The severity of the issues associated with data collection is only just coming to light.

There are already recent IoT breaches such as the VTech data breach which exposed the personal data of 12 million people, including 6.4 million minors.

Techseen: How is Hillstone Networks tackling the security issues over Internet of Things?

Wang: Hillstone Networks is actively aware of the potential threats that IoT devices pose to both the network and user data. Our key technologies, behavioral analytics and micro-segmentation, utilize a thorough approach to tackle the threats posed by IoT.

By applying advanced behavioral analytics to network traffic, Hillstone’s Intelligent Next-Generation Firewall (iNGFW) can discover exact or approximate network behavior that matches or approaches that of a malware family and one of its behavior clusters stored in its database. By applying these analytics, it can not only identify a potential attack in minutes, but also provide a complete description of the closest known attack, including forensic information and level of criticality, that IT can use to address it.

Micro-Segmentation addresses the gaps in visibility and control of traffic at the virtual machine level. Hillstone leverages micro-segmentation to provide unparalleled visibility of live East-West traffic, protecting East-West traffic with L2-L7 security services. Active orchestration ensures that deployment and configuration overhead is minimized, without network interruption. With advanced micro-segmentation, Hillstone protects each virtual machine, enabling fully secured, scalable cloud services without disruption.

Techseen: Today’s data centers face a massive growth in network traffic as well as an increase in the number of concurrent users accessing services and applications over the network. Can you explain how this growth in network traffic affects the performance and protection of the network?

Wang: The number of data and data centers worldwide are growing rapidly. In fact, in Southeast Asia, data centers face a massive growth in network traffic, and is expected to grow at 32 percent, with the region having 260 million users in 2015.

The growth in network traffic, coupled by the burgeoning IoT market, puts a strain on the performance and protection needs of the network. The performance of data centers has also been affected by more email messages, photos, and videos sent from mobile devices running a huge range of applications.

Firstly, the network may not be ready for the data explosion, driven by the rise of 10 GbE servers replacing 1 GbE servers. High-performance switches, routers and security devices must be deployed to cope with new bandwidth demands.

Secondly, data center traffic is changing from being predominantly north-south (in and out of the data center) to more east-west (server-to-server within the data center), with applications evolving from being client-server-based to service-oriented-architecture-based. This means that planning for high bandwidth, low latency, and predictable performance between servers is now necessary.

Techseen: So what are the ways to welcome the growing number of data centers without compromising on security?

Wang: When it comes to protection, security must be integrated into the data center itself, in order to handle not only north-south traffic, but also east-west traffic flowing between devices, or even between data centers. Data center security must also dynamically cover high-volume bursts of traffic to accommodate highly-specialized data center environments operations today.

Centralized security management is necessary. Security must be intelligent, so administrators can focus on providing services and building custom applications to take full advantage of the business benefits these new environments enable, without getting mired in administrative security tasks, or risking reduced levels of protection.

Techseen: According to a joint report by Google and Temasek, Southeast Asia (SEA) is the world’s fastest-growing Internet region. Will this spark the need for a rapid increase of regional data centers? How does Hillstone Networks plan to ensure the safety of this growing pool of data?

Wang: As a fast growing region filled with big players and new developments, there is no doubt regional data centers will rapidly increase. Many companies are already building there second and third data centers, and several global companies such as Alibaba, have opened their second data center in the region.

Hillstone Networks understands the growing data center market in the region means a surge in data, which ultimately requires data center security to be more dynamic. We recently announced an upgrade of our X-Series data center firewall, a breakthrough technology for the larger network bandwidth of today’s data centers that require a robust network security solution that meets their budget requirements.

Some highlights of the upgrade include high performance at 680Gbps, based on a fully distributed architecture, and a 2X improvement in the number of concurrent sessions (240M) and new sessions/sec (4.8M). With the upgrade, our customers can now have peace of mind that their business networks are secure and their business needs are met.

Techseen: Does the Cloud pose a different security challenge or should enterprises leave the security tackling to the cloud service provider?

Wang: Network security is somewhat challenging in cloud environments because the architectures are dynamic, making it complicated and expensive to implement fixed security measures. Cyber attackers today are also more sophisticated, engaging in persistent attacks to compromise network and cloud security. Despite these concerns, security and compliance can still be strengthened in cloud deployments.

Perimeter-centric security solutions are not built for today’s data environment, which blurs the boundaries of virtual and fluid, cloud-based workloads. These workloads, once provisioned, need persistent and consistent security enforcement regardless of changes in the environment for that workload.

Techseen: Does the skill gap in IT departments pose a challenge in enterprises when it comes to cyber-security? Are enterprises today considering outsourcing security as a viable solution?

Wang: According to (ISC)2, organizations will need six million security professionals by 2019 but only 4.5 million will have the necessary qualifications then. This trend is especially critical to Southeast Asia, where there is rapid change in how consumers and businesses deal with technology due to the impact of continuous technological innovation, and initiatives such as Singapore’s Smart Nation drive.

There are more sophisticated cyber threats out there than before, however, there is a shortage of cyber security talent with the expertise and time to monitor these threats. The odds are stacked against SMBs, as they often do not have the time or capital to invest in dedicated cyber security professionals.

As a growing economy, Southeast Asia is dominated by SMBs, which mean many companies in the region face the skills gap challenge and hence, face difficulties tackling cyber security issues.

While outsourcing security is a viable solution, many companies may be hesitant due to a lack of trust toward third-party sources. Hillstone Networks believe that the right products deployed in the physical, virtual and cloud environments can complement IT professionals and address the skills gap challenge faced by Southeast Asian countries.

Techseen: Do you have any comparison figures geographically in terms of which countries are at bigger risk and what’s Hillstone Networks doing to bring those vulnerabilities down in these countries?

Wang: Cybersecurity is an issue all countries in Southeast Asia grapple with. Southeast Asia is a heterogeneous region, the more developed a market, the more likely it is at a lower risk. Factors influencing this also include government policies, industry development and the dependency of industries on technology.

Hillstone Networks is aware of this issue, and strives to help businesses in Southeast Asia. We build intelligent next-generation firewalls to protect against Advanced Persistent Threats (APT) and zero-day attacks in the cloud era.

Built from the ground up for today’s virtual and cloud-based data centers, Hillstone Networks’ fully distributed, intelligent next-generation firewall platform overcomes the performance and deployment limitations of legacy firewalls, providing granular visibility and control of network traffic, based on real-time behavioral anomaly detection and advanced data analytics.