Network Infrastructure Security
According to security experts, MSPs face an ever-present management challenge as they work to safeguard their network infrastructure. That challenge is to identify critical network assets, locate where organizations house these assets and strike a balance between strong, layered defenses and the preservation of functionality and access.
Informed Infrastructure Management Is Key
The root of this challenge lies in knowledge. MSPs may need to comb through mountains of network data in a seemingly unending quest to locate critical network infrastructure assets. With too much data and uncertainty, many IT professionals adopt a one-size-fits-all approach.
This kind of uniform security treats every asset as equally valuable. And if every aspect of a network’s infrastructure is equally important, then each requires equal security monitoring. These demands, of course, are untenable.
Network infrastructures can include numerous pieces of hardware — including routers and cables — and software and network applications that include varied operating systems and firewalls. Network infrastructures also include network services such as internet connections.
Resource-savvy MSPs know to deploy their tightest security for their most critical data. But once the critical assets have been identified, what’s the best way to implement layered security? Writing for the SANS Institute, Karnail Singh suggests a four-layered network infrastructure security approach.
Security Layer 1: Perimeter Defense
This security layer addresses network applications such as firewalls and proxy servers. Somewhere between 70% and 80% of attacks hit organizations’ internal networks, so these forms of internal defense are essential.
Properly configured routers can protect against a distributed denial of service (DDoS) attack, which floods a server and brings operations to a standstill. By blocking packets with spoofed IPs, network administrators can blunt these attacks. Administrators can also take steps to prevent their networks from participating in a DDoS attack, in part through router-based commands.
Other steps include:
- Controlling filter configurations for privileges and use
- Relying on logging that can trace an attack
- Testing filters to ensure that they’re still operating
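The anti-spoofing filtering and filter testing described above can be modeled as follows. This is an added example, not code from the original article or from any router vendor; the address block 203.0.113.0/24 and the test packets are constructed for illustration.

```python
import ipaddress

# Assumed for illustration: the address block this site owns, and the
# source ranges that should never arrive on the internet-facing interface.
INTERNAL = [ipaddress.ip_network("203.0.113.0/24")]
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4", "240.0.0.0/4",
)]

def _in_any(addr, nets):
    return any(addr in net for net in nets)

def filter_packet(direction, src):
    """Return (action, reason) for a packet crossing the border router."""
    addr = ipaddress.ip_address(src)
    if direction == "inbound":
        if _in_any(addr, INTERNAL):
            return "drop", "inbound packet claims an internal source"
        if _in_any(addr, BOGONS):
            return "drop", "inbound packet from a non-routable source"
        return "permit", "source is plausible for the internet side"
    if direction == "outbound":
        # Egress check: keeps this network from emitting spoofed traffic.
        if not _in_any(addr, INTERNAL):
            return "drop", "outbound packet with a source this site does not own"
        return "permit", "source belongs to this network"
    raise ValueError(f"unknown direction: {direction}")

def run_filter_tests(cases):
    """Replay known packets; return a log line for each wrong decision."""
    failures = []
    for direction, src, expected in cases:
        action, reason = filter_packet(direction, src)
        if action != expected:
            failures.append(f"{direction} src={src} got={action} want={expected} ({reason})")
    return failures

# Constructed regression cases: (direction, source address, expected action).
CASES = [
    ("inbound", "198.51.100.7", "permit"),
    ("inbound", "203.0.113.5", "drop"),
    ("inbound", "10.1.2.3", "drop"),
    ("outbound", "203.0.113.9", "permit"),
    ("outbound", "192.168.1.4", "drop"),
]
```

Running `run_filter_tests(CASES)` on a schedule, and alerting when it returns anything, is one way to confirm that the filters are still operating after a configuration change.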
Security Layer 2: Operating Systems and Applications Servers
This network infrastructure security layer focuses on operating systems and servers, including web servers, mail servers and application servers.
Operating systems are foundational to layered security. If privileges within an OS are jeopardized, network security at large can be compromised. Administrator privileges in an OS may allow access to firewall settings while exposing critical data on the network.
Steps to improve layer 2 security include:
- Installing operating system updates when available
- Implementing a policy for strong passwords
- Stopping services in Linux workstations that are turned on by default, including HTTP, FTP and sendmail
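To find which of the default-on services named above are still listening on a Linux workstation, the output of `ss -H -tln` can be checked against their usual ports. This is an added example, not part of the original article; the sample output is constructed and the port-to-service mapping assumes standard port assignments.

```python
import ipaddress

# Standard ports for the default-on services the list above names.
WATCHED = {21: "FTP", 25: "SMTP (sendmail)", 80: "HTTP"}

# Constructed sample of `ss -H -tln` output (TCP listeners, numeric, no header).
SAMPLE = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 10 127.0.0.1:25 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 32 [::]:21 [::]:*
"""

def parse_listeners(text):
    """Yield (address, port) for each LISTEN line of ss output."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and any %iface suffix
        if host == "*":                         # ss prints * for a wildcard bind
            host = "0.0.0.0"
        yield host, int(port)

def findings(text):
    """Return (service, port, exposure) for each watched service that is listening."""
    out = []
    for host, port in parse_listeners(text):
        if port not in WATCHED:
            continue
        if ipaddress.ip_address(host).is_loopback:
            exposure = "loopback only"
        else:
            exposure = "reachable from the network"
        out.append((WATCHED[port], port, exposure))
    return sorted(out, key=lambda f: f[1])
```

A service reported as "reachable from the network" that the workstation does not need is a candidate to stop and disable; one bound to loopback only is a lower priority.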
Security Layer 3: Protecting the Host
With layers 1 and 2, the perimeter defense has been established, and operating systems have been secured. Layer 3 adds onto layer 2 and involves security among workstations. This layer is important because attacks can come from within networks. And despite their strength, firewalls can fail to prevent attackers from breaching internal networks.
To protect workstations, administrators may:
- Develop rigorous user-access policies
- Update patches across workstations
- Run antivirus software across a network of workstations
- Regularly back up workstation data in the event of possible data loss
Security Layer 4: Data Protection and Segmentation
Data encryption adds a fourth layer of protection, both against accidental breaches and malicious attacks. In this layer, IT professionals often:
- Eliminate any auto-fill passwords
- Encrypt outbound data, creating tunneled communication between workstations and servers
In addition to these four layers of security, experts stress the importance of network segmentation. By partitioning off resources and applications, MSPs can ensure that the most sensitive data and assets are not concentrated in one place.
A segmented approach is crucial for organizations, both small and large. And when ignored, the consequences can be disastrous. In its massive data breach in 2013, Target was attacked when hackers gained login credentials from a subcontractor. This subcontractor was a heating and air conditioning company with access to Target’s network.
Once the attackers were inside Target’s network infrastructure, they were able to pivot. They soon gained access to the company’s payment system network. This allowed the hackers to install malware across Target’s point-of-sale devices and eventually steal some 40 million credit and debit card records. The disaster could have been partially mitigated if Target had better segmented its networks.
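A segmentation policy can be audited for this kind of pivot by checking whether any chain of allowed flows leads from a low-trust zone to a sensitive one. The following is an added example, not part of the original article; the zone names and flows are hypothetical and do not describe Target's actual network.

```python
from collections import deque

# Constructed policy: zone -> set of zones it is allowed to open connections to.
ALLOWED_FLOWS = {
    "vendor_portal": {"billing_app"},
    "billing_app": {"corp_servers"},
    "corp_servers": {"pos_payment"},
    "guest_wifi": set(),
    "pos_payment": set(),
}

def pivot_path(flows, start, target):
    """Breadth-first search; return the shortest zone chain from start to target, or None."""
    queue = deque([[start]])
    seen = {start}
    while queue:
        path = queue.popleft()
        if path[-1] == target:
            return path
        for nxt in sorted(flows.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None

def audit(flows, untrusted, sensitive):
    """Return {(src, dst): path} for every untrusted zone that can reach a sensitive zone."""
    result = {}
    for src in untrusted:
        for dst in sensitive:
            path = pivot_path(flows, src, dst)
            if path:
                result[(src, dst)] = path
    return result

def segmented(flows):
    """Copy of the policy with the corp_servers -> pos_payment flow removed."""
    fixed = {zone: set(dests) for zone, dests in flows.items()}
    fixed["corp_servers"].discard("pos_payment")
    return fixed
```

No single rule in the constructed policy connects the vendor zone to the payment zone, yet the audit still reports a three-hop path, which is why segmentation reviews need to consider transitive reachability rather than individual rules.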
Why Network Infrastructure Security Matters
Those who work in IT understand that network security is a must. MSPs have a unique business challenge as they work to convince organizational decision-makers that a stronger network infrastructure is a worthwhile investment. In these discussions, a review of security threats can help make the case for strong, layered security.
There’s a large market for network infrastructure security solutions. How should MSPs pick an option?
For overworked MSPs, the task is to find a solution that’ll keep operations lightweight and efficient. That’s key when managing numerous networks. At the same time, any solution needs to maintain rock-solid, layered security. It helps, too, to be able to measure the benefits of a solution. This can convince decision-makers that the benefits of services far outweigh the costs.
In other words, MSPs should turn to SolarWinds MSP's (formerly LOGICnow) layered security solution, the most comprehensive option on the market.
Find Your Network Vulnerabilities
With SolarWinds MSP’s MSP Risk Intelligence, you gain complete visibility of your networks’ vulnerabilities. Locate every piece of sensitive information across networks so you can protect organizations against a potentially catastrophic data breach. With MSP Risk Intelligence, you can run deep scans that uncover:
- Personally identifiable information, such as social security numbers, driver’s license numbers, financial information and much more
- Security vulnerabilities spread among servers, workstations, mobile devices and applications
- Protected health information, including medical records and patient photos
- Inappropriate permissions that allow the wrong users to access sensitive information
- The dollar-based security threat to organizations, presented in an easy-to-understand report
Build Up Your Layers of Security
Once armed with this rich information, MSPs can better institute a comprehensive layered security approach. SolarWinds MSP's MSP RMM begins with proactive security that:
- Protects users from malicious websites
- Manages patches for more than 40 Microsoft application families and more than 80 third-party application families
- Safeguards email to stop incoming threats, including phishing, malware and ransomware
Detection is an important first step. But when threats emerge, MSPs have to act on them right away. With MSP RMM, you also benefit from:
- Industry-leading malware protection
- Network-wide login rules that prevent hackers from penetrating your network through brute force
- Device discovery that alerts you when new and unknown devices have entered your network
Detective and proactive security can catch most threats. But if a threat is successful in penetrating a network, MSPs need tools to respond quickly and thoroughly. MSP Backup & Recovery gives you the ability to:
- Recover from backed up data and get up and running, minutes after a disaster strikes
- Restore business service from a virtual server if there’s an attack on your physical servers
- Restore services even during a break in internet service
Learn From Administrators Around the World
With SolarWinds MSP, layered security doesn’t end with rich scans and bulletproof protections; SolarWinds MSP offers security insights from two million endpoints, spanning 175,000 networks.
With analytics that are descriptive, predictive and prescriptive, you’ll be alerted to key issues across your network, like incomplete software installs. You’ll also receive warnings about patch updates that have caused problems for other IT professionals.
Network infrastructures can be complicated and messy, with numerous overlapping vendor solutions to manage. But that doesn’t mean MSPs’ jobs have to be tough.
SolarWinds MSP offers support across operating systems and devices. Plus, our comprehensive dashboard can be managed on smartphones and tablets. Visiting a client’s site? With our mobile app, you can manage tickets, check out service histories and benefit from an interactive field map.
To see how SolarWinds MSP can simplify your life and boost your client roster, start your free trial of MSP Risk Intelligence today!
About SolarWinds MSP
SolarWinds MSP delivers the only 100% SaaS, fully cloud-based IT service management (ITSM) platform, backed by collective intelligence and the highest levels of layered security. SolarWinds MSP’s products — including Risk Intelligence, RMM, Backup & Recovery, Mail Protection, Access Manager, Manager and Anywhere — comprise the market’s most widely trusted integrated solution.
Deployed on millions of endpoints across hundreds of thousands of networks, the platform has the industry vision to define and deliver the future of the market. SolarWinds MSP provides the most comprehensive IT security available as well as the first ever IT notification feature powered by prescriptive analytics and machine learning.
SolarWinds MSP’s passion is helping IT professionals secure and manage their systems and data through actionable insights, rewriting the rules of IT.
For more information, visit www.SolarWindsMSP.com.
SANS Institute: www.sans.org/reading-room/whitepapers/bestprac/infrastructure-security-architecture-effective-security-monitoring
SANS Institute: www.sans.org/reading-room/whitepapers/basics/infrastructure-security-step-step