home   |  portnox™   |   solutions   |   support   |   partners   |   about us
 
Overview
Wake-up call
VoIP Challenge
Compliance
NAC Checklist
Buy Back Program


The Stuxnet attack is the clad iron proof that the common network security paradigm must change.
A wake-up call for a network security paradigm change

The other day, the US Department of Homeland Security determined that ‘The Stuxnet computer
virus is a game changer in the Network Cyber Security’. This determination has brought to the
forefront the fact that the security systems devised and believed to protect our networks from
known intruders are proving daily that they are no longer up to the task of
protecting your network.

As perimeters melt away, network security needs go far beyond standard encryption,
authentication and monitoring. What is needed now is a change in of paradigm, thinking
‘out of the box’, rather than the partial solutions and post-mortem ‘panic’ after damage has
been done. What is called for is a robust mechanism, backed by a proven working model,
which can guarantee that a device will be connected only to its designated network;
a mechanism that separates business activity from process control and manufacturing activity;
and a mechanism to guarantee that even the privileged aren’t betraying the trust given to them
– be it maliciously or innocently.

The Stuxnet attack is the clad iron proof that the common network security paradigm must change.
This attack should also serve as a loud wake-up call for all those who find comfort and security
in their current network protection systems.

The Stuxnet worm may have compromised the targeted systems by being physically introduced
to the premises of companies that were confident with the protection provided by standard industry
security standards. The intruder may have been a disgruntled employee; it could have been
a trusted contractor who has access to the facility or, a random visitor left alone in the vicinity
of a business network port. Because of the uncontrolled ‘blending’ of the business and
manufacturing control systems, anybody may infect the network. Stuxnet bypassed all the complex
and costly defenses previously believed to shield the network from a cyber attack.

Thus, in the light of the Stuxnet attack, there is an urgent need for Network Cyber Security to undergo a paradigm shift that integrates a new mechanism backed by a proven working model, a ‘game changing’ mechanism for the security industry:

  1. A mechanism that does what no other cyber security tool does today: places logic into
    a network port to profile in advance, identifies and distinguishes between one individual
    device and another. Thus, allowing only the relevant device to connect and only to the
    designated network.

  2. A mechanism that separates designated activities of business systems from those of
    industrial control systems – thus, one cannot hop from one connected business system
    network over to critical manufacturing control systems.

  3. A mechanism that allows access only if a device conforms to company policies and to
    approved protocols. It allows device access only at the approved ports; only at the
    approved time of day and only for the predetermined duration of access.

  4. A mechanism to guarantee that even as a legitimate device is connected, it will have
    access only to its designated network area (vlan), rather than be granted ‘free travel’
    to anywhere on the network.

  5. A mechanism which not only authenticates, authorizes and monitors an accessing device,
    but also keeps track and controls any device activity anywhere throughout the network.
    It even terminates a device activity if it is called for! Thus, keeps your network truly
    safe and secure.

Published best practice guidelines to control systems end user security management agree that
“...the basic premise of all prevention requires a multi-layered approach. The layers must include
such elements as: policies and procedures, network segmentation and authorization measures,
system monitoring and device activity control”.

The key, experts say is: “...the ability to assess the level of risk and the gap between the risk
and what is tolerable, identify system’s vulnerabilities and develop a mechanism to minimize or
even eliminate the risks”.

The mechanism that ensures the adherence to these guidelines and is designed to prevent
a future Stuxnet type of attack is here – it is portnox™ from access layers.
We are so confident in what portnox does for network security, that no matter what system
you now have in place, we will prove to you that your present system cannot and will not protect
your network as well as portnox can.

To learn more about portnox and how to better protect your network call one of our partners.

learn more...
 Mac in a Sack    
.. nac solutions are in some way
based on a mac authentication
layer... could it be that
your nac is a ‘mac in a sack’ ?
--------------------------------------------------
 White Paper     
 .. for improved network access control
click here to download
--------------------------------------------------
Case Studies

The College of Management Academic Studies (COMAS) chose portnox™ for their Network Access Control...
--------------------------------------------------

Israel’s leading TV broadcaster selected portnox™ as their NAC solution. Channel 10 is one of the leading...
--------------------------------------------------
___________________________
________________________________________________________________________________________________
_________________________________
© 2011 access layers. all rights reserved | Privacy | Terms |