Every week, 95% of network threat alerts are ignored worldwide, leaving behind an average of 16,232 threats that go unchecked. Most of these are unwanted and irrelevant alerts, but what about the vital ones that go unnoticed?
Should you block these threats using network security before they actually hit your endpoints with detection and sandboxing?
What if you don’t have secure endpoints? Will this create a single layer that hackers can easily penetrate?
Network security involves protecting the devices and files on your network against unauthorized access. It focuses on protecting the integrity, confidentiality, and availability of your data. Network-based security can provide information about traffic on the network and threats that have been blocked. The downside is that so many warnings can be generated that it’s easy to get overwhelmed by the data and false alarms and miss the actual attack.
Network security can also be time consuming. When a viable threat is found, it needs to be investigated, which can be a long process. Networks have also become unpredictable, which makes protecting them using network-based security more difficult.
In the past, network security has been a majority of an organization’s security budget. However, things may be changing. As more security options are moved to the endpoint such as authentication, encryption, and anti-malware, network security is changing.
“It’s certainly not time to rip out the firewall, network security isn’t dead yet. It’s changing,” says Spencer Ferguson of Wasatch Software.
Endpoint security secures end-user devices like laptops, desktops, and mobile devices. It addresses the risk associated with the devices that are connecting to your network. Endpoint security is different than traditional antivirus in that with an endpoint security framework, each individual endpoint is at least partially responsible for maintaining their own security.
“The focus is going away from the network perimeter and to the endpoint because it has to,” says Shane Vinup with Cyber Advisors. “There’s a lot of data and a lot of sensitive data in the wild outside of the firewall. The focus now really is: How do I protect that data? The focus for a security professional has shifted from the perimeter.”
Mike Spanbauer, VP of Research and Strategy at NSS Labs seems to agree that endpoints are important, but has concerns about determining who is responsible for protecting them. “Organizations have more endpoints today than ever, and securing those endpoints is challenging, because it’s rare that any one organization is responsible for all the endpoints that touch its network and servers,” says Spanbauer. “This is why it’s so critical for businesses to identify who’s responsible for securing which endpoints before a security incident occurs.”
Why Not Use Both?
The advantages of endpoint and network security are not mutually exclusive. There are advantages to using both. With network security, anomalies can be identified and confirmed and then endpoints can provide clarification.
To help secure your network, make sure your endpoints are secure. Then make sure your network security is in place to supplement your endpoint protection.