By Nick Alevetsovitis
Security risks have a way of exponentially growing as networks become more complicated. Multi-edge networks are now the norm, with WAN, multi-cloud, data center, Internet of Things (IoT), and an increased reliance on home and remote workspaces. These networks must deliver consistent experiences for users regardless of their location, all while remaining responsive to changing business needs, new technologies and new threats.
Since it is unlikely networks will become less complex over time, approaches to security must change. While interconnected edges can improve performance and user experience, the proliferation of point networking and security products can make network visibility a challenge, resulting in new opportunities for cybercriminals.
Understanding the risk at the edge
With the rise of remote work, corporate networks' risk exposure has evolved. As our FortiGuard Labs threat research has shown, malware intended for IoT devices can be used in attacks, and home-based resources can be used as a foothold for more severe attacks targeting the corporate network.
Take Edge Access Trojans (EATs), for example. They can execute invasive activities such as intercepting requests from the local network to compromise systems or injecting additional attack commands. Remote Access Trojans (RATs) can give attackers control of a computer through a remote network connection. Other risks include smart devices that collect information, because they can provide a conduit for attacks, including ransomware, extortion, or stealth credential attacks.
Other edge-based “living off the land” threats can look like normal system activity. Combined with EATs, this type of edge-based malware could monitor edge activities and data and then steal, hijack, or even ransom critical systems, applications, and information.
Protecting the edge
Taming the multi-edge network requires security and networking solutions that can work together. A cybersecurity mesh platform architecture paired with a security-driven networking approach can provide the visibility and automated controls that complex networks need to ensure coordinated protection and response. This integrated approach is particularly critical for software-defined wide-area networking (SD-WAN).
SD-WAN makes it possible to use WAN services more effectively across multiple locations by simplifying branch networking and providing faster access to cloud-based applications while monitoring connections for better performance. Unfortunately, not all SD-WAN solutions offer integrated security, leaving networks at risk from new threats.
With networking and security solutions working as a unified system, security systems can adapt and scale with SD-WAN connectivity. Within this integrated model, SD-WAN works best alongside these key elements:
- Zero Trust Network Access – Zero-trust network access (ZTNA) provides secure access based on specific users, devices, and applications. Starting from a zero-trust stance makes it easier to manage access to critical applications and maintain visibility into who has access to specific resources. Integrating ZTNA with a next-gen firewall-based SD-WAN solution can reduce device sprawl and help enforce security policy across all edges.
- Multi-cloud SD-WAN – For multi-cloud deployments, SD-WAN solutions should provide reliable access to cloud-based resources. Granular controls can help enable secure and high-performance connectivity between multiple clouds.
- AI Security Operations – Avoid manual configuration errors with a security operations centre that uses Artificial Intelligence and machine learning to detect and respond to threats across deployments. Adding AI and timely threat intelligence can help speed up the identification and remediation of security issues and identify configuration errors.
- SD-Branch – Next-generation branch networking strategies like SD-Branch can extend the features of SD-WAN across the entire branch network. This approach consolidates services and management, avoiding siloed appliances and consoles that traditionally manage wired and wireless access, WAN, and security.
- 5G/LTE – Integrating a 5G or LTE gateway with an SD-WAN solution can provide flexible, fast, inexpensive, and secure broadband connectivity – even at the branch edge. An SD-WAN gateway should provide dedicated cloud management dashboards like simple out-of-band management (OBM) capabilities.
The most effective way to bring all these elements together for a seamless and secure edge is to move toward an automated cybersecurity mesh platform. Designed to replace fragmented, complex infrastructures, a mesh platform can increase network visibility and simplify the deployment of new technologies and managed services. It is a solution that works for today’s expanding networks and the rising threat landscape, and it starts with an effective SD-WAN deployment.
Nick Alevetsovitis is Vice President, Canada Enterprise, and Commercial Business at Fortinet