eEye Digital Security — Securing Borderless Networks

Securing borderless networks is a huge, growing global issue. The explosive growth of mobile devices is wreaking havoc for those charged with securing networks. Business today involves mobile workers, trading partners, customers and vendors all communicating with each other electronically. Any of these entities visiting your corporate offices walk right past your firewall, posing additional network security exposure.

These risks have redefined the edge of your network – there are no borders

These borderless networks must be secured through innovative means. A multi-layered approach is required for a comprehensive security solution. Each device must be scanned prior to network re-entry, and must do so in a timely and non-intrusive manner. Point products assembled together through multiple vendors are no longer sufficient, as they are difficult to manage and don’t provide a complete solution. An integrated solution, combining network security scanning, perimeter protection, host-based security and a comprehensive management console is necessary to act on, report on and manage your sensitive digital assets.

To meet the challenge of borderless networks, eEye Digital Security offers an integrated solution which includes Retina®, a network centric vulnerability assessment scanner, Blink®, an end-point intrusion prevention system, and REM™, a security management console, that together, offer multiple levels of protection with a scalable architecture to address the security needs of large and complex organizations.

eEYE APPROACH

eEye Digital Security, with over 8,400 deployments worldwide, has developed a best practices approach to address the challenges with securing today's borderless networks. This vulnerability management workflow enables you to align eEye's innovative approach to network security to the real business risks facing your organization, including the protection of your mobile workers and wireless devices.

Discover
The critical first step in identifying, checking and tracking all of the servers, workstations and devices that are attached to your network. All systems and devices can contribute to security threats and ultimate downtime so must be identified and audited.

Audit
The linchpin of the entire vulnerability management process, which entails checking all operating systems, hardware configurations and application configurations. This phase must be fast, non-intrusive, customizable, centrally organized and remotely maintained.

Delegate
Upon completion of a given vulnerability assessment, remediation activities are prioritized and assigned to team members. Rules can be created to automatically delegate security events as tasks according to severity level, origin or vulnerability type.

Remediate
Now it is time to take action, and begin dialogues on how to best remediate the discovered vulnerabilities through a combination of technology, processes, policies and training. As vulnerabilities can impact the entire organization, this step will typically be a multi-departmental effort.

Report
Whether monitoring specific machine information, providing executive level views or communicating other important data, reporting is an important element that must be evaluated along with everything else.

Adapt
The final stage for this workflow comprises the ongoing review of data collected from each preceding stage, and modifying your work flows and security measures to continue increasing security, improving performance and reducing the likelihood of unauthorized security breach.

SOLUTION ARCHITECTURE

Consistent with eEye’s best practices approach to threat management and network security, the architecture of eEye’s borderless networks solution is multi-tiered, starting with a comprehensive assessment and audit of all security threats on all network assets. This is accomplished through a Retina® Network Security scan.

Blink® performs the necessary intrusion prevention protection through the deployment of an agent on each identified network asset. This way each network asset, including mobile workers and wireless devices, may be reported upon, audited and logged, providing the necessary real-time protection each time a network connection is performed.

These events are logged and easily managed through REM™ Event Manager, a central management console, capable of real-time integration through pre-built APIs to larger IT management interfaces including CA’s UniCenter, IBM’s Tivoli and HP’s OpenView. As a whole, this architecture provides the means to holistically view your security resources, and to adapt your security solution over time to provide the optimal level of protection.