Contemporary business processes depend upon data connectivity channels. But every channel that a firm opens to its business creates an equal and proportionate risk to the web application traffic moving in and out of its data centre. As Distributed Denial of Service (DDoS) attacks become more widespread, so do application-level attacks of increasing sophistication, some of them never seen before.
The ‘Wikileaks’ attacks of late 2010 prompted a rethink amongst many organisations as to what constituted effective protection for their ‘window to the world’ web applications. Some very big organisations had unpleasant experiences with third-party ‘traditional’ firewalls simply falling over, overwhelmed by the sheer weight of traffic. Their ability to process millions of new connections was found wanting.
F5 recently commissioned a global survey of medium and large organisations, including several hundred European firms, to examine the state of play beyond the high-profile cases reported in the media. The results, aggregated from the responses of senior-level personnel, showed 100% of firms had experienced cyber-attacks leading to financial losses in the last 12 months.
The cost of these losses runs into hundreds of thousands of euros, and cyber-attacks are also becoming more difficult to defend against, with compromises in DNS, network-layer DoS and encrypted data being among the most prevalent problem areas.
Although between a third and one half of companies are already using Application Delivery Controllers (ADCs) as a key component in their security infrastructure, almost 100% of firms are discussing the adoption and implementation of ADCs. This is perhaps no surprise given that 42% of firms admit to having had a firewall fail due to network-layer DoS traffic load.
New landscape; new approach
Forward-thinking business and technology management have told us that they realise ADCs have a specific role to play as an Internet data centre firewall, replacing some traditional web application safeguards. Our message is simple: the technology landscape has changed, so security provisioning and control need to change in equal measure.