Lack of Visibility and Control Puts Enterprise Network Resources at Risk

ConSentry Networks has revealed that nearly 50% of enterprises believe employees and non-employees have access to data that is not relevant to their job function according to a recent survey the company conducted. This alarming statistic demonstrates the extent to which sensitive data is at risk in the enterprise due to the limited intelligence and lack of user and application controls in legacy switching architectures.

Enterprises today are being driven to support a more dynamic workforce and diverse workplace as shown by over 35% of survey respondents saying that non-employees such as business partners, consultants, and guests needed access to network resources on a daily basis.

With the increased demand for access to the LAN, the pressure on IT to protect corporate assets intensifies, yet the tools used to control access to LAN resources are not fit for purpose. Over 63% of enterprises still use password authentication to control LAN access; while 30.7% use network segmentation (ACLs/VLANs) and 24.6% rely on NAC.

"The enterprise is rapidly changing and under pressure to keep control of its network and visibility of users. It needs to adapt quickly to embrace collaboration, yet maintain protection of its network resources", said Alex Raistrick, Director Northern Europe, ConSentry. "Unfortunately, the vast majority of companies are using rudimentary options such as passwords, VLANs or ACLs that provide inadequate security and are awkward and labour intensive to use and deploy."

This was supported by 37.7% of respondents saying it takes 2-3 hours to change VLANs. Yet, 28.9% said they never change ACL/VLANs proving the unwieldy nature of these basic controls and demonstrating how enterprises are not or cannot respond to changing working patterns.

Over 50% of respondents said they needed to audit end user behaviour, while 46.5% needed to simplify how users authenticate to the network based on job function. Nearly 40% meanwhile said IT staff spend several hours a week manually correlating user and application traffic for troubleshooting.

"The message is clear. Greater demand for access to the LAN, in addition to compliance and audit requirements, is forcing companies to provide greater control and accountability of users and resources in a simple way", concluded Alex Raistrick. "Enterprises need an intelligent switching platform that integrates user, role, and application knowledge to deliver control and visibility of the LAN without increasing network complexity."

The ConSentry LANShield Switch authenticates users and devices against standard identity stores and automatically learns their roles. Then for each traffic flow, it identifies the application in use, applies policies based on role, and fully tracks all activities, enabling enterprises to take complete control of their LAN. Rolling out new services and supporting shifting workforces becomes much simpler because the need to manually separate traffic onto different VLANs, implement and update ACLs, and configure QoS policies is eliminated.

The survey conducted by ConSentry was based on responses from networking and IT staff in Finance, Healthcare, Government and High Technology sectors with the majority managing LAN with over 1,000 users.

write your comments about the article :: 2008 Networking News :: home page