This document discusses the threats of malware to network security and argues that firewalls alone are not enough protection. It introduces intrusion detection and protection systems (IDPS) as the newest line of defense that can identify and prevent malware intrusion by examining network infrastructure. An IDPS solution scans for known threats, searches for anomalies, and actively blocks malware while allowing normal data. The document claims Windstream's IDPS requires no additional equipment, is cost-effective, and outperforms other products by minimizing risk.

1. WHITE PAPER
Is Your Network Safe Behind Just A Firewall?
Malware Threatens Malicious software or “malware” is the In essence, malware acts like a parasite
Network Security biggest network security threat facing on a network. It is designed to infiltrate
organizations today. Cybercriminals a computer system without permission.
target enterprises that hold a great deal Even the most well-intentioned employee
of money or conduct a high volume of may accidentally download malware –
transactions on a daily basis. A network such as Zeus (Zbot) – from a Web site
intrusion can cost an organization as or open it via an e-mail attachment. The
much as $5 million. And, the damage worm then slips past network security
to a company’s reputation can be measures and hides against the firewall.
irreparable. Statistics show that if a Here, it collects data and absorbs
major security breach occurs against private information passing through,
a U.S. enterprise, that organization such as credit card numbers, account
has a 90 percent chance of going out numbers, or social security numbers.
of business within two years. This is The worm then sends that information
particularly alarming considering that back to the host, who then sells it to
malware is currently the fastest- criminals for identity fraud, e-scams, and
growing trend in the misuse of other personally invasive crimes.
network resources.
The Threat is Real This threat of malware is very real. Just as federal regulators have made
Private information is at risk without efforts to protect privacy through
the proper network security measures. statutes such as HIPAA, Gramm-
Unfortunately, a majority of anti-virus Leach-Bliley, and PCI DSS, compliance
programs and network firewalls cannot standards are moving toward required
protect against intrusion risks beyond advanced network security measures.
viruses and Trojan worms. Organizations
have to be smarter than the criminals
they’re up against.
© Windstream 2012
DATE: 3.27.12 | REVISION: 1 | 009573_Is_Your_Network_Safe | CREATIVE: MF | JOB#: 9573 - Is Your Network Safe | COLOR: 4C | TRIM: 8.5” x 11”

2. WHITE PAPER
A Firewall is Not Enough Today’s malware is so advanced that a network. If there is danger lurking
firewall alone will still leave a network outside the front door (port connection)
vulnerable. A firewall provides a basic and the data finds a way into the home
line of defense by allowing or blocking (the network), it will cause an intense
connectivity to the network through amount of damage. And, although it’s
port connections. Think of a firewall not practical to check your guests’ bags,
like a house: it allows you to close and it is necessary to scan all items entering
lock the doors and windows you don’t your network to determine if they are
want outsiders to have access to, while friend or foe because the network’s
keeping them open for welcome visitors. health and safety rely on it.
The problem with this defense is that the
firewall does not investigate the data that
is allowed to enter the doors on the
IDPS is the Answer Intrusion Detection and Protection In a 2009 survey, Forrester Research
to Malware Systems (IDPS) are the newest line of showed that IDPS is the second most
defense in network security and combine in-demand security solution. Many of the
two levels of network protection into one: solutions on the market today are either
intrusion detection and prevention. These IPS or IDS. Windstream’s IDPS requires
systems identify and prevent malware no additional equipment purchases, and
intrusion by examining information via has the ability to provide powerful and
sensors within the network infrastructure. efficient security while also being cost-
effective for the customer. Windstream
An Intrusion Detection System (IDS) offers an IDPS solution that outperforms
monitors activities on the network by other products in the industry because
searching for malware and producing of its ability to minimize risk and cost for
reports for the system administrator. an organization.
Intrusion Prevention Sensors (IPS) actively
block the malware on the network, IDPS is a substantial part of an
dropping the malicious data while still enterprise security solution used to
allowing normal data to continue on the protect the network. In order to set
network. With IDPS, the solution runs up proper network security, layers
along the MPLS cloud. If the malware of products, software, and solutions
is right on the network’s doorsteps, the need to be in place that protect against
technology is efficient enough to detect various threats. Firewalls, anti-virus
and prevent it from entering before the programs, access controls, and an IDPS
data leaves the cloud. solution are all necessary to achieve
effective network security.
© Windstream 2012

3. WHITE PAPER
How IDPS Works An IDPS keeps risks away from IDPS customer and Windstream’s
important data. It acts like a bouncer security operations center are alerted.
standing outside of a bar checking IDs: Windstream engineers contact the
it detects malware and prevents it from customer about the malicious activity,
hanging out along the firewall. The IDPS and also help remediate the problem.
is constantly scanning the network
for known threats. These threats are Management of an IDPS is just as
identified in several ways, including important as purchasing the solution
through customer-provided data or Web itself. With current IDS or IPS solutions,
security solutions such as McAfee. It is IT professionals need to sift through a
also continuously searching the network wall of network data that likely contains a
for any possible anomalies. great deal of false positives – information
that is classified as malicious, but is, in
Windstream’s IDPS sensors provide fact, harmless. Windstream manages
“zero hour” protection for the customer this process for the customer, and has
so an organization is protected as a 99.9999 percent guarantee against
soon as threats are launched. When false positives, ensuring that the IT
an anomaly is discovered, both the professional’s time is spent in the most
productive way possible.
INTERNET
FIREWALL &
IDPS PRIMARY
SITE 3 MPLS
FIREWALL &
IDPS PRIMARY
SITE 1
INTERNET
EVENT
CORRELATION
SERVERS
SITE 2
This diagram shows the network infrastructure and how the IDPS works in conjunction
with the firewall, and the MPLS cloud, in order to secure the network.
© Windstream 2012

4. WHITE PAPER
The ROI of IDPS The manpower and capital resources In addition, purchasing an IDPS
required to protect against the threat solution is like buying insurance for an
of malware is significant; however, organization’s reputation. As malware
Windstream’s IDPS provides network evolves, network security must keep
protection and a good return on pace. If not, companies will continue to
investment for organizations. Since be at risk for damage to their networks
Windstream’s security engineers and reputations. One network security
provide support for the IDPS, the need breach can bring operations to a
is eliminated for customers to hire screeching stop. An IDPS works along
additional IT staff, complete extra with other network security measures
levels of certification, or incur capital in order to prevent this from happening
costs associated with maintaining and has proven to be the most effective
multiple security devices and information response in evading malware threats.
security providers.
Conclusion The best way to provide adequate data theft. For more information on
security for an organization is to stay Windstream’s IDPS solution, or to have
informed on threats, analyze Windstream evaluate the strength of
vulnerabilities, and work with a partner your network firewall, visit
that can help you build your security www.windstream.com.
solution. IDPS is a crucial layer and
Windstream offers the most advanced
solution to protect your network against
Quick Facts:
In the first quarter of 2010, nearly 27 percent of malware attacks occurred in the United States – second only to Brazil. While 98
percent of malware attacks are conducted by nondiscriminating automated systems, 2 percent are sophisticated hackers
targeting a specific company network.
Nonetheless, cybercrime acts continue to grow, and remain profitable for the hacker:
Internet crime in the U.S. increased 23 percent in 2009
Personal identity sells for $.40 per person on the black market
Healthcare data, such as dental records, sells for $14 per person
009573 | 3/12 © Windstream 2012