Networks Risk Grounding Without Airport-Level Security
by Nigel Hawthorn - Marketing Director of Blue Coat Systems - Friday, 25 April 2003.
Air Travel Security                        | Network Security
-------------------------------------------|-------------------------------------------------------------------
Check user and destination                 | Firewall source/destination check
Check passport/ID                          | Security Gateway validate user with authentication system
Check time and date                        | Security Gateway time/day rules
Count baggage                              | Security Gateway bandwidth limits
Weigh baggage                              | Security Gateway content filtering
X-ray baggage                              | Security Gateway virus-scanning
Individual metal detector                  | Security Gateway scan/block mobile code or specific file/MIME-types
Check visa validity                        | Security Gateway browser, media-player, messenger application
Sniffer dogs (food, drugs etc.)            | Security Gateway: ensure data not POSTed to the web
Frequent flyer awards                      | Logging by individual user
Specific policies depending on destination | Security Gateway granular policies

Once hold baggage is checked, a machine at the airport reads the barcode on the luggage label and directs the luggage to the correct airplane. One customer may have multiple pieces of luggage, but the machine looks at each one individually and does not know that there may be multiple pieces of luggage that are related. This is similar to a firewall inspecting each packet of data and making forwarding decisions one packet at a time. Whereas firewalls understand packets, or individual chunks of data, and look at the source and destination to see if they match defined rules, security gateways that address port 80 traffic understand data. They rebuild complete Web content and make decisions based on this content and its parameters. The x-ray analogy is a clear one: port 80 security devices are able to 'look inside' Web traffic and assess whether it is genuine and perfectly innocent, or an attempt by a hacker to test the network's defences.

A web page is made up of many individual pieces of data and may come to the user in hundreds of individual packets, so this ability to 'look inside' them is crucial.

The device can then make decisions based on user, group, site of user, file-type, MIME-type, active content type, original web site, time of day, browser and other such factors. It can also take individual objects and redirect them to virus scanning devices, something that is not possible if the only understanding gained is on a packet-by-packet basis. There is a further parallel to be drawn over virus scanning, which is similar in its function to x-raying hand luggage, while the metal detectors that passengers must walk through are like removing mobile code such as Java and ActiveX.
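To make the contrast with per-packet filtering concrete, here is an added example (not code from the article or from any vendor product) of a content-aware gateway policy in Python. It works on a whole reassembled HTTP exchange rather than a packet, and applies the kinds of rules the table and the paragraphs above describe: MIME-type blocking, detection of Java/ActiveX markers inside HTML, a time-of-day rule for streaming media, a POST restriction by group, and diversion of archives to a virus scanner. The rule values, the `Exchange` record, and the sample exchanges are all constructed for illustration.

```python
"""Added example: a minimal content-aware gateway policy, the 'x-ray' of the
analogy. A packet filter sees only addresses and ports; this code sees a whole
reassembled HTTP exchange and decides on user, group, MIME type, mobile code,
time of day and HTTP method. All policy values are constructed placeholders."""
from dataclasses import dataclass, field
from datetime import time
import re


@dataclass
class Exchange:
    user: str
    group: str
    site: str
    method: str
    path: str
    when: time              # time of day the request was made
    headers: dict           # response headers, lower-cased names
    body: bytes = b""       # complete reassembled response body


@dataclass
class Decision:
    action: str             # "allow", "block" or "scan"
    reasons: list = field(default_factory=list)


# Constructed policy values; tune per organisation.
BLOCKED_MIME = {"application/x-msdownload", "application/x-java-applet"}
MOBILE_CODE_MARKERS = [
    re.compile(rb"<applet\b", re.I),               # Java applet tag
    re.compile(rb"<object\b[^>]*classid=", re.I),  # ActiveX control
]
SCAN_MIME = {"application/zip", "application/octet-stream"}
OFFICE_HOURS = (time(9, 0), time(17, 0))           # no streaming in office hours
POST_ALLOWED_GROUPS = {"finance", "hr"}


def evaluate(ex: Exchange) -> Decision:
    d = Decision("allow")
    mime = ex.headers.get("content-type", "").split(";")[0].strip().lower()

    # Sniffer dogs: stop data being POSTed out unless the group is cleared.
    if ex.method == "POST" and ex.group not in POST_ALLOWED_GROUPS:
        d.action = "block"
        d.reasons.append(f"POST by group {ex.group} not permitted")

    # Metal detector: block specific file/MIME types outright.
    if mime in BLOCKED_MIME:
        d.action = "block"
        d.reasons.append(f"blocked MIME type {mime}")

    # Metal detector, second pass: mobile code embedded in otherwise plain HTML.
    if mime == "text/html" and any(p.search(ex.body) for p in MOBILE_CODE_MARKERS):
        d.action = "block"
        d.reasons.append("mobile code (Java/ActiveX) in HTML")

    # Time/day rule: streaming media only outside office hours.
    if mime.startswith(("video/", "audio/")) and OFFICE_HOURS[0] <= ex.when < OFFICE_HOURS[1]:
        d.action = "block"
        d.reasons.append("streaming media during office hours")

    # X-ray: hand archives to the virus scanner instead of forwarding them.
    if d.action == "allow" and mime in SCAN_MIME:
        d.action = "scan"
        d.reasons.append(f"{mime} queued for virus scanning")

    return d


def sample_exchanges():
    """Constructed sample traffic, all at 10:30 on a working day."""
    t = time(10, 30)
    activex_html = (b"<html><body><object classid='clsid:00000000-0000-0000-0000-000000000000'>"
                    b"x</object></body></html>")  # constructed CLSID, not a real control
    return [
        Exchange("alice", "sales", "news.example", "GET", "/", t,
                 {"content-type": "text/html; charset=utf-8"}, b"<html>hello</html>"),
        Exchange("bob", "sales", "games.example", "GET", "/x.html", t,
                 {"content-type": "text/html"}, activex_html),
        Exchange("carol", "finance", "bank.example", "POST", "/pay", t,
                 {"content-type": "text/html"}, b"ok"),
        Exchange("dave", "sales", "files.example", "GET", "/a.zip", t,
                 {"content-type": "application/zip"}, b"PK.."),
        Exchange("erin", "sales", "tv.example", "GET", "/live", t,
                 {"content-type": "video/mp4"}, b""),
    ]


if __name__ == "__main__":
    for ex in sample_exchanges():
        d = evaluate(ex)
        print(f"{ex.user:6} {ex.method:4} {ex.site:14} -> {d.action:5} {'; '.join(d.reasons)}")
```

The ordering matters: a block decision always wins, and an object is only diverted to scanning when nothing else has already rejected it. None of these checks is expressible on a per-packet basis, because the Content-Type header, the HTML body and the request method all live in the reassembled stream rather than in any single packet.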

Acting On Intelligence

Security gateways also provide an enterprise with complete logs of every user, every request, everything that happens. They allow security-critical statistics to be analysed, such as time online by user, users creating the most Web traffic, most popular sites, split of data by site category, the amount of streaming data and types of browser in use.
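As an added illustration (not from the article or any product), the following Python derives the statistics just listed from per-request gateway logs. The log format is invented for the example: one line per request with timestamp, user, URL, site category, bytes, duration in seconds and a quoted User-Agent; the sample lines are constructed.

```python
"""Added example: per-user statistics computed over constructed gateway log
lines. The log layout is invented for the example and is not a product format."""
from collections import Counter, defaultdict
import shlex
from urllib.parse import urlparse

# Constructed sample log: timestamp user url category bytes duration_s "user-agent"
SAMPLE_LOG = """\
2003-04-25T09:01:10 alice http://news.example/top news 18200 0.9 "Mozilla/4.0 (compatible; MSIE 6.0)"
2003-04-25T09:02:30 bob http://tv.example/live.asf streaming 5200000 120.0 "Windows-Media-Player/9.0"
2003-04-25T09:05:00 alice http://news.example/sport news 22100 1.1 "Mozilla/4.0 (compatible; MSIE 6.0)"
2003-04-25T09:07:45 carol http://mail.example/inbox webmail 9000 0.6 "Mozilla/5.0 (X11; Linux) Gecko"
2003-04-25T09:09:12 bob http://games.example/play games 310000 4.0 "Mozilla/4.0 (compatible; MSIE 6.0)"
"""


def parse_log(text):
    """Split each line into fields; shlex keeps the quoted User-Agent together."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, url, category, nbytes, secs, agent = shlex.split(line)
        rows.append({"ts": ts, "user": user, "site": urlparse(url).hostname,
                     "category": category, "bytes": int(nbytes),
                     "secs": float(secs), "agent": agent})
    return rows


def browser_family(agent):
    """Coarse browser classification from the User-Agent string."""
    if "MSIE" in agent:
        return "Internet Explorer"
    if "Gecko" in agent:
        return "Mozilla/Gecko"
    if "Windows-Media-Player" in agent:
        return "Windows Media Player"
    return "other"


def summarise(rows):
    """The statistics the article lists: time online, heaviest users, popular
    sites, bytes per category, streaming volume and browsers in use."""
    time_online = defaultdict(float)
    bytes_by_user, sites, bytes_by_cat, browsers = Counter(), Counter(), Counter(), Counter()
    for r in rows:
        time_online[r["user"]] += r["secs"]
        bytes_by_user[r["user"]] += r["bytes"]
        sites[r["site"]] += 1
        bytes_by_cat[r["category"]] += r["bytes"]
        browsers[browser_family(r["agent"])] += 1
    return {
        "time_online": dict(time_online),
        "top_users": bytes_by_user.most_common(),
        "popular_sites": sites.most_common(),
        "bytes_by_category": dict(bytes_by_cat),
        "streaming_bytes": bytes_by_cat["streaming"],
        "browsers": dict(browsers),
    }


if __name__ == "__main__":
    for key, value in summarise(parse_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

Because the gateway records the user, URL and byte count for every object rather than per packet, the same log answers both capacity questions (who streams, which categories dominate) and incident questions (what did one user fetch, and when).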

