SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Here's how to put the net admin out of his (her) misery
Tue, 1st Aug 2017
FYI, this story is more than a year old

Pity the poor network admin, already struggling with all the new tech hitting the corporate infrastructure, when almost daily he/she reads unnerving stats like the following from IDC:

‘The growth of new technologies will add almost US$1.8 trillion to the overall size of the IT industry in terms of annual sales by 2020, and Asia Pacific will lead the way!' Oops!

IDC calls this new tech ‘innovation accelerators'. The average net admin will have a different name for it.

A big slice of that spending covers IoT devices, while cloud apps and mobility are not so far behind. It is all hitting already creaking networks, accelerating complexity and multiplying the day-to-day issues of network controllers.

CIOs too are feeling the pressure from the explosion of innovation accelerators. Worried IT leaders are asking searching questions about various issues:

  • Security – is our system good enough?
  • Cloud – can we secure cloud as effectively as we secure our data center?
  • Apps – how do we secure all the mobile apps our staff like to use?
  • IoT – maybe we need centralised visibility and multi-vendor enforcement.
  • The relentless march towards hybrid IT – gulp!

Here's the good news: CIOs can relax as long as they select an effective and comprehensive next-generation network access control system (NAC) to deliver secure access solutions to enterprises and service providers.

The ideal solution will cover enterprises from every vertical and of all sizes. It will utilise a virtual private network (VPN), network access control (NAC) and mobile security products to enable end-user mobility securely and seamlessly in their organisations. It must deliver secure access solutions for people, devices, things and services.

So net admins need not despair. Look for a smart network access control (NAC) solution built for the next generation of networks. NAC should make controlling who and what connects to the network really simple. Complete net visibility is essential: with simplified auditing and monitoring of network drives across the enterprise. 

A next-generation VPN is a good start. It should blend data center applications and public cloud services. Easy compliance is a must, to give granular control over who is accessing what, from where, when and how. End users would like to see the same experience no matter what device they use.

Clearly a mobile VPN must cover both iOS and Android-based devices. A single sign-on is highly desirable for both on-premise systems and cloud solutions. Deployment options should include purpose-built and virtual machine.

Policy control This must make controlling who and what connects to the network simple. Complete visibility is key here, as it simplifies auditing and monitoring of network devices enterprise wide. Automatic device addition must include features for Windows, Mac, smartphones and tablets.

The right solution will address regulatory compliance with the most stringent regulations.

A unified access control policy should cover wired and wireless connections, personal and corporate devices, remote and local access. Wizards and templates will take the complexity out of setting up a NAC solution.

Mobility management This needs to balance the right amount of control without invading device owners' privacy.

A tool that deploys apps by group via an enterprise app catalogue would be nice, while workspace separation will ensure BYOD user privacy. A cloud-based console would be heavenly.

To ensure security, certificate-based authentication is essential for enabling automatic access to VPNs and email. Access to unmodified enterprise-approved apps in the Google Play and Apple App stores can enable the use of MS Office and other popular suites.

Finally, users must be confident that their privacy is not invaded, and their personal data will not be deleted. Find a solution that covers all this functionality and those network worries are over.