News

Firewalls fall down in social networks and P2P

Traditional network firewalls are proving ineffective against information security threats from social network applications and peer-to-peer file sharing, says Nir Zuk, the man who wrote Check Point's firewall, one of the most successful firewalls in history.

Zuk, who recently founded Palo Alto Networks after heading NetScreen and then Juniper Networks' security, says traditional firewalls look to see what port traffic routes through to apply its policies. But that approach doesn't work with today's applications because they don't carry port information.

Palo Alto Networks has developed a suite of firewall applications that looks instead at the application, the user and content in order to apply security policies.

This lets companies permit their staff to use social networks such as Facebook and applications such as Skype, knowing that their sensitive corporate data isn't leaking into the public domain.

"It's also effective against spyware, which may be trying to steal corporate data secretly, and file-sharing systems, which also stops malware from proliferating across an enterprise's local and wide area networks," said Zuk.

Tom Millar, CEO of ITC Global Security, a network security management company, says directors have started to accept that managers, not IT, are responsible for information security and stopping data leakage.

The insider threat is most boards' nightmare, he said. "I doubt that any technology will ever stop a really determined attacker, but firms can do a lot with IT to prevent accidental disclosure or theft by outsiders," he said.

ITC has just added Palo Alto Networks to its raft of managed network security offerings, and has customers trialling the technology in both hosted and in-house conditions.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy