Take the direct approach to thwarting cybercriminals. Today is a great day to start.
Organizations are paying more attention to cybersecurity than ever before. In fact, a recent ESG survey showed cybersecurity as the top IT priority in 2016. Vendors are responding to the heightened awareness with new innovative ideas for network security.
Traditional methods such as firewalls, ACLs, and network visibility tools cannot be ignored, but new methods for security enforcement as part of an incident response strategy is an area ripe for innovation.
One such solution is the NetSlicer system proposed by a consortium of network equipment makers. With this technology, you install a security system that detects a high probability of a breach, and this activates NetSlicer. Unlike typical network security systems that redirect traffic or block packets, NetSlicer takes a direct approach by activating a robotic arm with a rotating blade tip to cut network cables. It’s augmented by sophisticated vision technology and machine learning to avoid cutting unrelated equipment or personnel in the vicinity.
A direct approach to closing off connection is considered to be the most effective way to provide “air gap” security. Basically, there’s no chance of data leakage if there’s no connection to the outside world. “A disconnected server is a safe server” is the rallying cry of NetSlicer supporters, but detractors counter that a “Disconnected server becomes a useless server.”
Still, there’s no denying that a severed cable will stop any form of data exfiltration. There are some disagreements within the consortium, however, on the speed of the rotating blade tips. Some firms advocate installing four blades running at 1,000 RPM (which creates a 4,000 RPM equivalent force) while others want a single 2,500 RPM blade.
Fibre Channel community responds
A similar effort is promoted by the Fibre Channel community, which recommends the use of lasers to burn through cables. Although the Fibre Channel community is united in the implementation of the standard, there are some safety concerns about the “optics” of using high-powered lasers to enforce security. False positives can result in a tremendous amount of damage to the IT personnel. Yet, as with any technologies, there are multiple uses or unexpected benefits.
One networking manager said, “If the breach is actually performed by a human intruder within the data center, we can actually aim the laser at the criminal, and solve the problem without cutting the data links.”
A software-defined view
There also are opinions from software-defined networking advocates who believe that the NetSlicer method is a hardware-based approach that may not scale in an elastic or cloud environment. If you only have a few blades, how can you actively deal with a large number of switches if the workload has scaled to many racks?
Thus, their solution is to work with the virtual switches with a Virtual SwitchBlade solution that disables the switches. People do wonder how a Virtual SwitchBlade is any different from a simple “deny” rule on network packets, but the military tone sure makes it sound more effective.
April 1 strategy
By creating a new spin on the physical aspect of network security, NetSlicer may provide an extra layer of security that aligns with a defense in depth approach, and this is well worth examining this year -- and every April 1