News
Integrated User and Application Knowledge Needed According to ConSentry
June 2008 by ConSentry Networks
ConSentry Networks has revealed that nearly 50% of enterprises
believe employees and non-employees have access to data that is not
relevant to their job function according to a recent survey the company
conducted. This alarming statistic demonstrates the extent to which
sensitive data is at risk in the enterprise due to the limited
intelligence and lack of user and application controls in legacy
switching architectures.
Enterprises today are being driven to support a more dynamic workforce
and diverse workplace as shown by over 35% of survey respondents saying
that non-employees such as business partners, consultants, and guests
needed access to network resources on a daily basis.
With the increased demand for access to the LAN, the pressure on IT to
protect corporate assets intensifies, yet the tools used to control
access to LAN resources are not fit for purpose. Over 63% of enterprises
still use password authentication to control LAN access; while 30.7% use
network segmentation (ACLs/VLANs) and 24.6% rely on NAC.
"The enterprise is rapidly changing and under pressure to keep control
of its network and visibility of users. It needs to adapt quickly to
embrace collaboration, yet maintain protection of its network
resources," said Alex Raistrick, Director Northern Europe, ConSentry.
"Unfortunately, the vast majority of companies are using rudimentary
options such as passwords, VLANs or ACLs that provide inadequate
security and are awkward and labour intensive to use and deploy."
This was supported by 37.7% of respondents saying it takes 2-3 hours to
change VLANs. Yet, 28.9% said they never change ACL/VLANs proving the
unwieldy nature of these basic controls and demonstrating how
enterprises are not or cannot respond to changing working patterns.
Over 50% of respondents said they needed to audit end user behaviour,
while 46.5% needed to simplify how users authenticate to the network
based on job function. Nearly 40% meanwhile said IT staff spend several
hours a week manually correlating user and application traffic for
troubleshooting.
"The message is clear. Greater demand for access to the LAN, in addition
to compliance and audit requirements, is forcing companies to provide
greater control and accountability of users and resources in a simple
way," concluded Alex Raistrick. "Enterprises need an intelligent
switching platform that integrates user, role, and application knowledge
to deliver control and visibility of the LAN without increasing network
complexity."
The ConSentry LANShield Switch(tm) authenticates users and devices
against standard identity stores and automatically learns their roles.
Then for each traffic flow, it identifies the application in use,
applies policies based on role, and fully tracks all activities,
enabling enterprises to take complete control of their LAN. Rolling out
new services and supporting shifting workforces becomes much simpler
because the need to manually separate traffic onto different VLANs,
implement and update ACLs, and configure QoS policies is eliminated.
The survey conducted by ConSentry was based on responses from networking
and IT staff in Finance, Healthcare, Government and High Technology
sectors with the majority managing LAN with over 1,000 users.
