The simplification of security has long been central to our thinking about Citrix NetScaler.
We see the need for it everywhere—even in my Minecraft situation at home. It’s not that I don’t like Minecraft; who wouldn’t want to play with digital Legos with magical properties? But it’s another story when my son’s hoodlum friends* want to join their who-knows-where-they’ve-been laptops to my network. That’s when I really need a way to keep my network simple, clean, and secure.
Solving my Minecraft problem meant going back to the basics. I segmented the network, removed all L2 paths between subnets and created a simple routing policy that made my actual home network invisible to the game network. Then I added a few Ethernet-level policies to keep devices from accidentally joining the dirty network, and some ACLs to make the router invisible as a termination point for any kind of packet. All good.
How are we going to solve the network security needs in your enterprise?
It’s not unlike my Minecraft example, really.
According to the 2016 CyberThreat Defense Report, you’ve got to overcome three main obstacles: a lack of field personnel, too much data to analyze and low security awareness among employees.
“We have been using NetScaler WAF for more than 2 years now. So far we have used the NetScaler AppFW to protect our web applications. With NetScaler Security Insight we expect to correlate all the data about the attacks, the attackers and their targets in a single dashboard to gain greater insight into the malicious traffic that hits our web portals. Moreover, by mapping the attack distribution from across different regions we will have the opportunity to “surgically” manage geo-location-based policies on a specific Virtual Server on the NetScaler, generating ad hoc reports when needed and without using third party products: in our defense-in-depth model this is a strategic capability. In simple words, NetScaler Security Insight will help us answer some critical questions such as: Where are the weaknesses in our security posture? How many attacks are mitigated by NetScaler? What is the severity, frequency of these attacks. Which attacks are blacklisted?” — Stefano Plantemoli, IT Network and Security Manager, Italian Ministry of Interior
At RSA, we’re showing three new ways NetScaler helps you get it done, simply and cleanly.
IP Reputation is Built-In – The whole idea of a separate IP reputation service that requires yearly renewals never sat well with us. That’s one more thing to have to stay on top of, one more salesperson’s call to deal with, when you’re already stretched thin in the field. It’s the kind of feature that should really be built in, so we did it. IP Reputation is now free with our WAF offering. No service contract.
Security Insight – As the complexity of enterprise networking grows, so does the number of ways things can go wrong among all those ins and outs. And checking them all can mean analyzing an overwhelming volume of data. How do you make securing infrastructure as easy and as mistake-free as possible? By having a platform that points out problems to you—instead of making you sort through endless log files searching for needles in the world’s biggest haystack.
NetScaler Security Insight does this in three ways:
- Identifying configuration patterns and highlights inconsistencies that may weaken your security posture
- Parsing your mountain of NetScaler logs looking for issues that may be dangerous—going beyond anomaly detection for true context-sensitive reporting
- Highlighting any issues with PCI compliance to make the audit process that much easier to work through
There you have it—new, better ways to protect your network. Because when it comes to security, we like to keep things simple, clean—and highly effective. See you at RSA 2016! Can’t make it? You can learn more about NetScaler security solutions right here (though we can’t promise any tips on playing Minecraft).
*To be fair, they’re all great kids. I’m glad they are my son’s friends. However, nothing makes me cringe harder than “Daddy, can you add my friend to wifi?” I just call his friends hoodlums to irritate my son … you know, Dad Humor.