Today, many applications share the same port while some Web 2.0 applications use multiple ports. Malicious applications can use non-standard ports and SSL encryption to avoid detection and control. Application control is no longer simply managed by allowing or blocking the ability of users to "run" an application.
To prevent data loss and network security threats, organizations must control legacy applications as well as Web 2.0 applications. Applications filtering is critical to lock down the network. Moving forward, we suggest network administrators consider the following:
- Do you have a comprehensive enterprise network security policy and plan?
- What means do you have to monitor and block malicious Web 2.0 applications threats?
- Are end users able to effectively perform their job functions without putting corporate information at risk in terms of attacks and/or confidentiality?
- Would a way to effectively control the use of internet-based applications improve overall enterprise network security?
Do you have any war stories or suggestions around the topic of network security related to Web 2.0 applications? To learn more about PTS' network security approaches, please contact us or visit the PTS website.
Posts
We have had a couple of issue with are network and web 2.0 applications. we have removed all access to flash and java apps and blogs/social media. We have to white list websites that people require access to but it is very time consuming. I did not realise hackers can use ssl encryption to stop traces. That is very scary, we got hacked around 2 years ago and they change all are printer names it was good they only got access to the print server.
ReplyDelete