Traditional network infrastructures were always planned with a focus on connectivity rather than on securing users and the underlying IT. When it comes to security, is such an approach still acceptable today and what do lack of visibility, insufficient control and poor transparency in the corporate network mean? I’ll cover the answers to these question and other technical aspects of a secure network design in this blog.
The root of all evil.
Networks that were planned at some point in the past are no longer completely up-to-date with IT standards meaning that businesses are still using obsolete IP concepts and an outdated network logic. This is particularly the case at German SMEs, which often still take an Any Trust Network approach, concentrating predominantly on connectivity.
The consequences of flat IP concepts.
On the one hand, flat IP network concepts without recognisable security zones enable seamless communication between all users and application servers, because data packages can be transferred unfiltered from all locations to all areas of the network. On the other hand, however, they mean that network zones cannot be monitored through security gateways (e.g. firewall or IPS), which means that potential malware, network trojans and other malicious software such as ransomware can spread throughout the entire network and cause significant damage.
It is worth highlighting the devastating effects wreaked by malicious software, which, in addition to the failure of an entire IT infrastructure, can also cause critical IT-supported processes and workflows to be paused for an indefinite period of time. When a business-critical system goes offline, the consequence can be that all activities come to a standstill for the entirety of disaster recovery.