According to the ISF, network convergence of voice, data, video, and other service networks is becoming more widespread in an effort to reduce costs and increase flexibility. The practice, however, can leave organizations vulnerable to security threats arising from improper planning and novel, unknown threats.
The ISF, which includes more than 300 private and public sector bodies among its membership, conducted research on the risks vs. rewards of network convergence and has identified four key points to help increase security:
- Protect core network services and infrastructure from malicious attack, accidental mis-configuration and equipment failure.
- Authenticate and authorize users, devices and services to manage and restrict access to the converged network.
- Create and implement a protection framework for end-point devices that can no longer rely on the network for protection.
- Protect and manage services on the converged network using technologies such as encryption and virtual LANs.
“By integrating separate networks onto a common IP infrastructure, organizations are able to reduce duplication, make greater use of resources, simplify management and quickly introduce new services,” said Gary Wood, author of the ISF research. “While the business case for convergence is compelling, information security professionals are faced with protecting merged networks that may consist of thousands of different devices and services based on a protocol that has little inherent security functionality,” he added.
“Convergence is shifting protection towards the devices, services and data itself, with the network providing little more than guaranteed availability”, Wood continued. “While IPv6 does go some way to address these challenges, it is still not widely implemented in many organizations largely due to its complexity and incompatibility issues. Converged networks clearly offer considerable benefits but securing them requires a planned joint approach from network operations and IT departments to facilities and senior management and business users.”
The complete report is available online for ISF members.