In today's world, leadership in the cyber security solutions business has become a very fickle thing - most security solutions purchased by companies are either out of date or have been replaced by the new categories of security products.

 

Technology Research Institute has conducted a research entitled Advanced Network Security Solutions (News - Alert) for the Large Enterprise.

 

It's based on deep conversations with 16 leading cyber security solution firms who are profiled in the report.

 

TRI claims that market confusion abounds today over what constitutes a truly " advanced" cyber security system especially for organizations with large scale, always-on networks.

 

But that confusion is not necessarily a bad thing in a fast moving field like cyber defense, TRI, says. In fact, it's only natural: since the cyber criminal is ever-elusive and adaptive, cyber defense systems must also constantly adapt and absorb new functions.

 

" The mission of our study was threefold: scan the horizon for innovation; talk to key solution vendors who serve the large enterprise market; and figure out how the diverse solutions fit together into a full security system," study author James Heath, says.

 

" We concluded that while up-to-date Security Information and Event Management and Intrusion (News - Alert) Prevention Systems are essential, protection also requires owning several not-so-mainstream solutions such as Security Posture Management, Network Behavioral Analysis, Data Capture and Replay, Data Loss Prevention, and Denial of Service Mitigation."

 

Some of the highlights from TRI's report are as follows:

 

·         Cyber Attacks Gain in Sophistication: It is the sophistication of attacks in today's era that have greatly increased. Hackers are willing to slowly and painstakingly penetrate network defenses and extract data to sell

 

·         Network Operator Proficiency is key: 66 percent of initially undetected cyber crimes, according to a Verizon (News - Alert) vulnerability report were fully recorded in the firewalls, suggesting that more technology is not sufficient

 

·         Network Simulation Software now Critical: A 1,000 employee organization has over a million links between any two end-users and over a million lines of firewall configuration code. Meeting new regulations that require continuous vulnerability assessment means automating the process. Taking the network configuration files, Security Posture Management, can simulate the network connections and compare the access between two points to the access that was intended by the network operator

 

·         Security from the Inside Out Through NBA: Security is traditionally focused on external threats, but internal security is growing in importance. Suspicious activity is detected by Network Behavior Analysis, solutions that monitor traffic at various points inside the network and compare it to a calculated long-term baseline. It can detect the slow theft of data, as well as fraud. It also provides network planning and intelligent network management functions

 

·         SIEM Super Fast Correlation and Reduction of Events: Real-time security event viewing, with fast, proprietary databases, is now possible in networks that had up to 400,000 security events per second. The number of events from 20 million to 1-2 thousand serious ones can be reduced by another advance: centralized correlation done by SIEM

 

·         DPI Cleaning of Traffic during a Denial of Service Attack: In both security and traffic management applications, Network intelligence from Deep Packet Inspection, technology is gaining wider. By using DPI, it is possible to clean traffic during a Denial of Service attack; discarding the malicious data and forwarding on legitimate business traffic so the website stays up and running

 

·         Combining Security Capabilities: TRI is also of the opinion that cross-solution techniques will yield additional benefits.

 

 

In related news, ViaSat (News - Alert) has been awarded a contract to develop HAIPE IS Version 4 for Encryption and Cyber Security Products.