If security firewalls appear not to have changed much, the boxes will discreetly change to monitor uses and malware. In short, if the armour does not change, then its defense patterns will start changing.
UTM systems (Unified Threat Management), are kinds of machines designed to do everything, give the possibility to use both SSL VPN services, antivirus, firewall, IPS, etc., all in a single device. Quite a change from previous iterations! All suppliers offer online services via the cloud to update antivirus defenses or other updates. As is often said, the methods currently used to eliminate threats are based on a “sanitation” after a system has been infected. Although everyone agrees that this is not the panacea, the principle proves to be sufficient when operating in a tightly controlled environment. The traditional view of the firewall (port filtering and / or service) no longer meets the current threats that are often hidden in applications or messages. Conventional controls signature based comparisons are being replaced progressively by sandboxing solutions, a virtualized operating environment that can be erased by a single command if the malware tries to manifest itself.
Sandboxing and Virtualization
In recent years, sandboxing technology has been able to detect unknown malware by simply analysing the behaviour thereof. For now, most vendors offer the function of “sandbox” in the operating system of the server or enclosure. This means that the malware is allowed to be downloaded and run in the heart of the system to see if it generates a real danger or not. It was the argument of Intel to boost its VPro processors with its detection technique on the CPU level. In general, the defense works best at the CPU, but everyone predicted a change in the Cloud.The search for faults and the famous hunting, “exploits” that bypass security at the operating system seems to be an endless struggle in millions of references.To be effective, the tool must eliminate a variety of zero-day attacks and other threats that are otherwise “unaddressed”. The zero-day attack, as the name suggests, occurs the same day a vulnerability is detected in software. This weakness is exploited by attackers before the availability of a fix by the software creator.
The New Wave Holds Up
Currently it is the “Next-Generation” firewalls (NGFW) that are the current star of the firewall world. With them, feeds and filters all have superior control than one can usually hope for on the classic traffic within the network are part of the decisive arguments (read user box). With the rise of software-defined networking (SDN) and the virtualization of networks in general, the firewall becomes more virtual. It is able to move through the network and filter traffic at different levels of the business. With the growth of cloud computing and mobile devices, you can bet on multiplication firewalls located in the cloud as is already the case for the firewall web application (WAF). Many IT companies, such as Prosyn IT Support in Clerkenwell, whom we have remarked in another article as helping Léa Nature Group with their ERP migration, are taking up the battle.
Outsourcing projects: at least two major computer manufacturers plan to increase the share of the budget assigned to them. And this with a preference for the Cloud and IaaS.
Should we host the IT infrastructure of the company internally or externally? More than a computer maker or two plan to host externally. And mainly today in the cloud which takes precedence over other forms of outsourcing as traditional hosting or outsourcing. At the end of this year, half of the corporate information system will be in the cloud, according to a study by research firm IDC. Worldwide, seven out of 10 companies have invested in technology and the remaining 30% will switch in the next two years, says the analyst firm.
Flexibility and Economy is the Key
The CAP study shows the three main reasons for this transition to the Cloud. First comes flexibility and cost reduction, she confirms, for almost 7 companies out of 10. Then, for 6 out of 10 of them is improving the time to market and product development that count. Finally, almost the same number of them (59%) value the implementation of innovative solutions and approaches that justify the passage. “Organizations are implementing cloud strategies that are supported at the highest level- companies are also allocating dedicated resources to maximize the chances of success,” explains Franck Nassah, SVP Operations CAP France. “In addition to the flexibility and financial benefits, the use of cloud is also appealing due to the “ease of use,” says John Zanni, senior vice president of cloud and hosting activities of Acronis.
In the Cloud
“If, instead of exploiting internally four different applications on four different computers, a company decides to run them simultaneously (in virtual machines for example) on a single, more powerful device, it will first pool its IT resources by creating a “Cloud” first level. The savings will be equal to the difference between the full cost of operating the new server and the total cost of the four small computers that require, in addition, a little more administration time and energy,” explains Jean Michel Bérard. If the same company acquires a server or server group, even more powerful devices to host all its applications and those of its subsidiaries, it will have created a “private cloud,” he reports. “The company further increases its savings by pooling across the group purchasing costs, administration, energy, and maintenance of small machines scattered it has replaced.” Still, managing an internal private cloud requires complex technical management, with competent teams dedicated to continuous modernization. To “turn” a data center properly clean, it must control its IT environment from end to end and, ultimately, the opex capex and costs are high. The company can then push even further in the process, adds Jean-Michel Bérard, by “renting” the computing capacity to an external service provider to install applications. “In this case we speak of public cloud IaaS type”. The company then is completely freed of the acquisition of equipment and its administration by relying on the infrastructure established and maintained by its partner. The provider charges in exchange for a fee that “over time, will generally be less than the amount the company invested in the purchase and operation of its own equipment.”
Internal private cloud data center in extension
Beyond the public cloud, service providers in the cloud also offer private clouds today. The idea is simple, to “create a continuation of the data room, as many companies already have in their internal structure in an external cloud provider.” The extension created identifies it as a type of IaaS cloud service able to provide the business user a virtual datacenter with all components that are commonly found in a physical data room – servers, networks, appliances, storage, all recreated virtually – and keep the same configurations and rules of origin systems. Overriding all classical network configurations, rules and policies of confidentiality and business protection: so many possibilities to ensure the security of the infrastructure while according to John Zanni, “many companies are still cautious when discussing security issues. They fear losing control of their data and, especially, not knowing its location.”
Manufacturer and distributor of organic products, Léa Nature Group has chosen dematerialisation to centralise the management of its 24,000 annual supplier invoices. Integrated ERP Yourcegid Y2, the Esker solution, has been adopted to streamline and improve the performance of the accounting department while allowing for business growth. The firm will be hiring an IT support services provider in London, to manage the migration.
Before deployment of the solution, 3 people were in charge of the manual processing of invoices received by mail, including reception, vetting, entry in the ERP, validation and payment. With 20 companies spread over eight sites, facing a complex and time document management, Léa Nature wanted to modernise this process with several objectives: improve the productivity of its teams, streamline multi-site validation and stem the flow of invoices. “Paperless allows us to streamline the process of validation of supplier invoices that has become very complex given our multi-company and multi-site organisation. We selected Esker for their structured methodology and their partnership with Cegid that allowed us to have a real synergy between their solution and our existing accounting tool,”explains SébastienGrinard, CIO of Léa Nature.
Managing a decentralized flow, multi-site and multi-company
In 2014, the first sites digitised invoices that were automatically sent to the Esker platform. The program reads and then checks the invoice accounting entries before triggering an approval workflow. The accounting entry is created in the ERP but blocked until the final validation of the invoice which will then trigger the payment. “Each site scans its own supplier invoices.We save all the phases of transport that significantly increased the processing time and enable our bills without counting document loss that this could cause. Integration into ERP also allows us to have a centralized and seamless flow throughout the chain,” explains SébastienGrinard.
All sites should be operational before the end of the year. In addition to improving productivity and responsiveness of its staff, Léa Nature group anticipates other benefits. Among them, reducing processing times, better visibility and traceability of bills, optimized management of archives, reduced printing costs, a shortening of settlement periods and better control of debt providers.