Both governments and businesses must continuously assess the use of new applications and services that bring efficiencies and improve operations. As such, they must weigh the business benefits from the adoption of newly desired applications against potential risk to the organization, its data and other resources. If applications are not appropriately secured in the business network, today’s attackers can hide within the very communication mechanisms the applications use.
The premise that applications use only a specific set of well-known TCP or UDP ports is misguided, however, as applications are not so well-behaved anymore. They may use encryption, bind to arbitrary ports or even hop ports during a session. Attackers can hide their malicious activities in plain sight by “piggybacking” through existing port- and protocol-based security policies in firewalls. Network security that controls application traffic based only on ports and protocols expose their businesses to greater risk of successful cyberattacks which may culminate in identity theft and data breach.
Palo Alto Networks App-ID™ technology forms a foundation from which to reduce the attack surface, allowing administrators to safely enable applications through policies that allow or deny them contextually by specific users or groups. Attacks that try to evade detection by masquerading as legitimate traffic, hopping ports or sneaking through the firewall using encryption (TLS/SSL or SSH), are seen and stopped.
Download our use case "Secure the Network through Application Visibility" for the benefits of this approach, along with some common concerns over adoption, and read about the experiences of several anonymous customers across different industries who made this transition successfully.
For more information on cybersecurity for the financial sector, visit our Financial Services industry page at https://www.paloaltonetworks.com/security-for/industry/financial-services.html
