Today's Huge Networks Need Agile Security Tools to Ferret Out Malware

NEWS ANALYSIS: With networks getting larger  faster and facing ever more threats, many network products at the GEN15 conference emphasize new approaches to security.

Network Security 2

DALLAS—Over the past year it's safe to say that both metro and global Ethernet are exploding. According to numbers released to the press at the Metro Ethernet Foundation's GEN15 conference here, wide area versions of Ethernet are showing 100 percent growth year over year.

Most of the growth is in networks delivering bandwidth of 1 gigabit or greater. In fact, the MEF has already certified six vendors for 100 Gigabit Ethernet, and networks with that bandwidth are already going into place.

But having all that bandwidth adds to problems in other areas, one of which is security. It's not that such high speeds change the security landscape, exactly; it's that security needs to become more sophisticated to keep up. Finding security appliances that will work at 100G bps requires groundbreaking hardware. And that's only the start.

With the growth of these massive networks, the complexity changes. A typical metro Ethernet may have to work with different edge vendors. The logical network may have to work across varying Ethernet topographies and different network hardware. Furthermore, it may be connected to a wider global network with access in places that are more risky than in the United States.

To top it all off, as these networks have grown, different parts will have different management software and, in many cases, different managers. So the question becomes how to keep the network secure from end to end. As you probably suspect by now, there's also no single solution.

In fact, to ensure that network security is maintained throughout such large networks, it's important to have security products that handle the endpoints as well as the network backbone and individual segments.

For example, Cylance is a security company that's dealing with the problem of endpoint protection. But because the types of endpoints that exist on such broad network environments vary so widely, the company is building security software that protects everything from workstations and servers to devices on the Internet of things (IoT). Those things may include automotive and aircraft control systems, machines on factory floors, point of sale terminals or devices that provide telemetry.

According to Cylance Chief Marketing Officer Greg Fitzgerald, the problem of protecting this vast array of devices means that the company has had to develop security software with a very small footprint that is able to run in a wide variety of environments.

This means that Cylance doesn't use a signature- or heuristics-based anti-malware program, but rather one that's based on predictive analytics. This avoids the need for a huge database of signatures and other data, and Cylance contends that makes its system significantly more effective.

Wayne Rash

Wayne Rash

Wayne Rash is a freelance writer and editor with a 35 year history covering technology. He’s a frequent speaker on business, technology issues and enterprise computing. He covers Washington and...