by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : January and February 2017
Pervasive encryption is the concept of encrypting as much network traffic as possible. This is widely considered the Gold Standard of security in 2017. That’s particularly true in the federal government arena, which encrypts as much as 90 percent of its network traffic. While this practice clearly improves security, there are real challenges to “going dark,” as the practice of pervasive encryption is often called. One of the biggest issues is dealing with the loss of the network traffic visibility necessary to fully protect agency data and networks. For example, the FBI has repeatedly voiced concerns about how law enforcement is sometimes less effective because it can’t interpret fully encrypted traffic. Besides the lack of visibility, pervasive encryption is causing more organizations to remain unaware of persistent and embedded cyber-attacks over long periods of time. One thing often thing leads to another. An innocuous event leads to someone discovering something “odd,” which leads to another layer of security concern. By the time an Incident Response team is involved, the situation is completely out of hand. “Today’s reality really requires agencies to take a second look at whether their visibility is being impacted,” says Andrew Benhase, Principal Architect with Cisco Systems. “Such a high percentage of traffic encryption today can render some network security technologies less relevant in terms of traditional threat identification.” NEW WAYS TO EXAMINE TRAFFIC What all this means is that agencies and other organizations need new ways to analyze network traffic to maintain or increase their security posture. For example, the behavior pattern within the network is more important than ever before. It can provide more detailed information about the flow of information within the network, even though the information is actually encrypted. With the right technology, IT staff can analyze the packet metadata, or the information collected from the network about what is happening within the network. For example, an agency can use technologies such as NetFlow or IPFIX to collect data from every network component and send it in as information about actual network traffic to be analyzed. The intelligence of some of today’s most advanced solutions can also analyze the IP address attached to the header of each packet and increase tie that into security data being stored elsewhere. Correlating that IP address to a wealth of information within the network can yield critical data, such as usernames, employee names, physical locations of devices, time of login, machine type, posture of the machine and detailed directory information. These capabilities when combined can result in valuable network security information for the analyst. And when combined, this can translate into a security-relevant threat overlay for the entire Enterprise network. More importantly, it provides agencies with an immediate operational understanding of their network—in other words, a very real cyber-situational awareness. “The ability to fuse this information together is critical to cybersecurity today,” says Benhase. “Without it, you are in effect staring at a 12-inch black and white CRT in the 1950’s instead of watching a 65-inch 4K resolution screen mounted on the wall.” FIND THE RIGHT PARTNERS TO ENSURE DEFENSE IN DEPTH Improving cybersecurity these days clearly requires a new approach. That approach must combine traditional cyber technologies like deep packet inspection and next-generation firewalls with newer innovations to help gain dimensional depth against the challenges of an ever increasing world of pervasive encryption. Bringing these security technologies together into a comprehensive Defense in Depth strategy is best achieved by partnering with experienced information security companies—especially those with specific government expertise. With the right partners, agencies can ensure they’re using the most advanced, effective, cohesive solution possible. Manage Advanced Threats in a World of Pervasive Encryption “TODAY’S REALITY REALLY REQUIRES AGENCIES TO TAKE A SECOND LOOK AT WHETHER THEIR VISIBILITY IS BEING IMPACTED.” —ANDREW BENHASE, PRINCIPAL ARCHITECT, CISCO SYSTEMS GameChanger SPONSORED CONTENT NETWORK VISIBILITY FOR COMPLEX NETWORKS IMPROVE CYBERSECURITY WITH NETWORK VISIBILITY http://www.cisco.com/c/en/us/products/ security/stealthwatch/index.html Techniques such as pervasive encryption provide additional network monitoring challenges.
November and December 2016