Thursday, August 21, 2008

Time to Upgrade Network Security

I have taken a more relaxed approach to internet gateways over the years, because most basic routers did a descent job at keeping our typical customers connected.  Most network admins frown at the idea of using a "home" router, such as a Linksys or a D-Link, for an internet gateway in an office; however, for practical purposes and cost savings they have been sufficient.  Many small offices rarely had needs/demands for routers that are more advanced, especially when the price-tag went from a $100 to a $1000.
Times have changed, and home routers are no longer a good option. Primarily because new threats are rampant across the internet and are constantly infecting new targets. We are seeing a trend of infections that are not stopped by anti-virus and regular routers alone; it is finally time to pull out the big guns.
The viruses/threats I am referring to are forms of malware/adware/extorsionware/spyware/etc that are generally installed by the user - unknowingly.  No matter what anti-virus your un (TrendMicro/Kaspersky/Norton/McAffee/AVG/etc) most cannot stop and clean the infections because they are user initiated. They can alert and try to contain them, but generally it is too late.  The result is a few hours in billable time spent on clean-up.
What is different now?
New threats, like the XP Antivirus 2008, will hurt your organization with just one infection.  Once a user - inadvertently - installs the malicious program it will begin spamming. Whether you catch it immediately or not, the software will get a chance to broadcast spam messages which WILL be intercepted by spam traps.  Spam traps are designed to weed out distributors of spam and stop their mail-servers from delivering mail.  As a result, your mail server will become blacklisted within 24 hours and your office communications with the rest of the world will be crippled.  After the infection is contained you will be able to de-list but it is a manual process and can take up to 7 days to complete with some spam-lists.
What can I do about it?
In my view it is no longer an option to risk exposing a network to such threats.  Each outbreak can easily cost a firm $375 (3 hours at $125) of networking time to resolve.  The key to stopping these from spreading is to intercept the malicious code at the internet gateway, and prevent the packets from ever reaching computers inside. Business-class routers with deep packet inspection can do just that.   Your existing antivirus is still important, but it will not handle these threats effectively.
Business-class routers/Deep Packet Inspection?
They are popular and come in all sorts of prices and flavors.  My approach is simple: affordable and complete protection.  For me, this means a SonicWall TZ190 TotalSecure.  They are easy to deploy, cost $995 with a 1 year subscription and $295 each year after that in maintenance.   They will check traffic as it flows into your network and stop packets with malicious code before reaching your computers.  However, if you have more than 25 users, you will need a bigger router, the TZ190's will be working hard to keep your office safe, and going past 25 users will slow them down drastically. 
What should I do now?
You saved about $1000 a few years ago by buying a basic router.  Hopefully that $1000 helped you do other things, maybe even made some cash for you in the process.  Now it is time to invest it into some hardware.  Odds are you will surrender a chunk of it to a malware infection; get a head start and buy something tangible with it.   Give us a call today and we'll order, configure, and deliver your network security appliance.
Additional info about the TZ190 TotalSecure:
The TZ190 TotalSecure is a series of routers with new SKU's for almost ever year they have been around.  We currently offer the latest release of the product. 
The all-in-one solutions remove the complexity associated with choosing between a host of point products and add-on services by integrating everything you need into a convenient, affordable package.

SonicWall TotalSecure combines a high-performance deep packet inspection firewall and dynamic security services to keep your network safe from viruses, spyware, worms, Trojans and more. Even before new threats are identified, TotalSecure solutions are automatically updated with signatures that stop attacks before they can enter your network, ensuring around-the clock protection.
The SonicWall TotalSecure 3G Wireless is a complete high-performance network security platform delivering multi-threat protection and secure 3G broadband network access in an easy-to-use, low cost solution. Combining a deep packet inspection firewall, integrated gateway anti-virus, anti-spyware, intrusion prevention, content filtering and 802.11b/g Wireless LAN access along with type II PC card based 3G wireless broadband support, the TotalSecure 3G Wireless delivers comprehensive security for wired and wireless networks. The foundation of the TotalSecure 3G Wireless is the TZ 190 Wireless which enables organizations to establish secure 3G wireless broadband network access instantly without the need for a fixed Internet connection.

Included with the TotalSecure 3G Wireless is a SonicWall deep packet inspection network security appliance, a one-year subscription to SonicWall Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, a one-year subscription to SonicWall Content Filtering Service Standard Edition, a one-year subscription to SonicWall Dynamic Support 24x7 and a license to use Sonic Wall's ViewPoint reporting software.
Written by Karl J.