Cybersecurity as a Political and Technical Component of
Modern Business
In the McAfee acquisition announcement in 2010, former Intel CEO Paul Otellini
stated that “[we have concluded that] security has become the third pillar of
computing.” In the time that has passed since that announcement, cybersecurity has
become part of the business landscape as both a political and financial issue as much
as a technical one.
The risks to both business and nation from failing security policies and products make
investment in better security technologies a matter not merely of cost
effectiveness but of necessity. The entire security product industry relies on a set of
existing codebases and threat models, without the vision or resources to develop new
technologies or an evolved understanding of future threats. The barriers to such
transformation, according to surveys from Price Waterhouse Coopers, are seen
differently by CEOs, CFOs, and CIOs: CEOs bemoan capital resources, CFOs cite lack
of leadership, and CIOs complain of lack of education and understanding of the risks
in network security planning.
Shortfalls and Failures in Strategic Approach
Multiple news headlines demonstrate why this business component has been critical
to modern government and businesses. Enough incidents have occurred at both
large businesses and government offices, such as the Office of Personnel
Management, to begin drawing correlations to the shortfalls in both policy and
technology that have enabled these breaches.
Analysis of successful, known attacks shows some insiders and many front-door
attacks, and almost all went undetected for long periods of time. The primary
question that arises from this data: after 10 to 20 years of software-based malware,
firewalls, intrusion detection systems (IDS), or intrusion prevention systems (IPS), why
do viruses, malware, and network breaches continue to occur without detection?
Research by the SANS Institute, Ponemon Institute, FireEye, and other sources shows
that persistent cyber attack modelling capabilities developed in Asia and Eastern
Europe are able to emulate and characterize release versions of software-based
firewall components. As the majority of these products can be purchased on the open
market, these products are reverse-engineered and software-simulated. Similar to
how we use sandboxes as a network defense technique for isolating intrusive attacks,
attackers test thousands of different exploit techniques in their own emulation
sandboxes until they can catalog all the successful techniques that work on each
variant of available firewall appliances.
Impacts on Enterprise Business
The cost of this cyber intrusion industry to business is measured every year by the
Ponemon Institute, and is estimated to be about $3.8 million per network breach, and
as much as $450 billion to the global economy.
Impacts on Governments and Politics
Just as impactful but less measurable are the costs of security technology shortfalls in
the effectiveness of governance and international politics. Warfare is being
transformed from an intermittent event to a constant state of attack and defense due
to the lack of data and intrusion definitions and boundaries. This impacts the
country’s ability to conduct normal political interactions and trade activity. The
inability to protect secrets in an open society likewise transforms the ways that the
government can execute its primary role in society.
Overview of Network Security Products and Capabilities
Renowned security expert Bruce Schneier calls security a process rather than a
product. Despite this characterization, the world financial industry has the tendency
to categorize all products and services, creating several classes of products aimed at
helping to secure networks and information systems.
Shifting from Software to Hardware for Network Security February 2016 Altera, now part of Intel
Topology of Network Security Solutions
The SANS Institute divides each of the functional elements of network security
control by describing these functions as Critical Security Controls. These controls are
divided into as many as 20 different categories, with control functions such as
Software Inventories, Boundary Defense, Authorization Controls, and Penetration
Testing. Each of these controls then resolves into a number of security product
solutions from a variety of vendors.
Each of these solutions, provided by companies such as Intel Security, IBM,
Cloudflare, Trend Micro, Skybox Security, HP, Cisco, and Akamai, is either software
or a combination of hardware and software. Historically, each of these products
derives from an existing codebase from early products that are run on a variety of
different company server hardware, which often means that old undisclosed
weaknesses are perpetuated from product to product.