Networks: The number one pathway for malware
Infoblox thinks that Networks are the number one pathway for malware.
If we think that network landscapes are complex now, that is because we haven’t factored in the growth of devices and IP addresses that is about to increase exponentially in the years to come. It’s about to become messier than a thousand kilograms of spaghetti noodle.
Think the Internet of Things (IoT) and approximately 30 billion IoT devices being connected worldwide by 2020. This is a figure that will only increase.
President and CEO of Infoblox, Jesper Andersen said, “Any initiative that drives an explosion of IP addresses and more applications, would require enterprise-grade, resilient and stable DDI (or DNS, DHCP, and IP address management) infrastructure.”
This is because corporate networks sorely need to be managed efficiently, especially as the bad guys have become wise to the DNS or Domain Name System being vulnerable to exploitation and infiltration into organisations.
More demanding workloads and evolving working habits, compromise the security of enterprises every day, which also mean that new DDI requirements have to keep up with new security, performance and network postures. Cloud computing for example, has enabled employees to be on-the-move and to work from literally anywhere there is an Internet connection.
Andersen explained, “Traditionally, all apps were hosted in the data centre. I controlled all my IP addresses, and how they evolved. All employees were on the corporate network and I would require remote workers to VPN (virtual private network) into my corporate network. I would also backhaul all network into my corporation, and I could control the perimeter.
“But now, many apps have moved into the public cloud and public Internet, with even legacy apps on the public cloud. The perimeter moves a lot now, and in fact, there is no logical perimeter,” he described, adding that protection for the network has to consider not just the physical environment, but extend itself to virtualised and cloud environments.
The role of DDI
The problem is exacerbated because of hybrid cloud and multi-cloud scenarios, as enterprises want to use a combination of computing resources that give the best bang for their buck and the most convenience and agility. All these comes at a cost to simplicity and security where it really matters – the network.
“So, networking is very different now. For example, for an app in AWS to access an app in Azure, it has to resolve DNS queries,” Andersen said, after briefly explaining that Internet browsers do not know what a URL is, so it will send request to a domain name system (DNS) to translate the URL into an IP address.
Meanwhile, DHCP or Dynamic Host Configuration Protocol is a network management protocol that dynamically assigns IP addresses and other configuration parameters to each device on a network. For example, when an endpoint device finds a Wireless LAN to connect to, it needs an IP address which a DHCP server provides.
Andersen said, “A typical large enterprise may have a million or more IP addresses, therefore they need an application that can structure and manage these IP addresses. Infoblox will manage connections to any kind of service and gets you an IP address.”
The awareness challenge
Today, 75-percent of organisations are concerned that malware will infiltrate their networks due to increase in off-network access. Andersen said, “DNS is the number one pathway for malware, and globally distributed enterprises grapple with the flood of new requests for IP addresses and the onslaught of new network endpoints.”
But according to Infoblox’s ASEAN & ANZ Sales Managing Director, Ken Pohniman, there also has to be more awareness about this, especially in this region.
“The DNS and DHCP are two of the most basic building blocks of any IT infrastructure. For apps to run, before any app can kick in to do what they need to do, they have to do DNS resolution.
“But no one pays any attention to it, as long as it works. When it doesn’t work, it’s chaos.”
This is a fact that becomes very pertinent, with IoT becoming more pervasive in industries, and even in day-to-day living. DDI infrastructure management has to be robust, resilient, able to withstand the rigours of millisecond-to-millisecond requests by network devices that are in billions if not yet trillions in number.
Andersen pointed out, “There are sensors built into everything; even self-driving cars are each becoming a collection of IP addresses and sensors. Not to mention, networks of surveillance cameras in cities, buildings, housing areas, require robust IP address management.” This is only the tip of the iceberg.
To be fair, awareness has grown somewhat the past few years, with Infoblox solutions mushrooming around DNS and DHCP servers.
But the scale at which DHCP servers will have to grow to for all these IoT-driven convenience to work, will be extremely significant.
Awareness about the potential risks this growth will attract, has to increase as well, and especially in this region, as Pohniman points out that companies in this part of the world, are 35-percent more likely to be attacked than the global average.
As an established DDI industry leader with 50-percent market share, Infoblox leverages their years of experience in core DDI services, to provide an actionable network intelligence with a single, unified solution.
Andersen described, “This single pane of glass empowers distributed enterprises to fully control, secure and analyse every aspect of their network, and leverage context-aware threat intelligence to defend against attacks.”