New research published by Palo Alto Networks™, the network security company, illuminates the fact that roughly 36% of enterprise network traffic is comprised of hundreds of applications that can evade the controls of conventional security solutions by either using SSL or port-hopping capabilities. Contrary to conventional wisdom, the majority of this traffic is not from browser-based applications using HTTP over SSL on port 443.
This represents a significant blind spot that most IT organizations have not yet adequately addressed, and one that is rarely discussed in the security industry.
Available today, Palo Alto Networks has released these and many other findings in the 7th edition of its Application Usage and Risk Report. The report provides a global view into application usage by assessing 28 exabytes of application traffic from 1,253 enterprises between October 2010 and April 2011. The report focuses on three primary findings:
- Exposing the elephant in the room: more than 40% of the 1,042 applications that Palo Alto Networks identified on enterprise networks can now use SSL or hop ports to increase their availability within corporate networks. This segment of applications will continue to grow as more applications follow Twitter, Facebook, and Gmail, who all have enabled SSL either as a standard setting or as a user-selectable option in an effort to create the perception of improved security for its end-users.
- The workplace has become more social: contrary to popular opinion, social networking has not meant the death knell of webmail and instant messenger (IM). Compared with 12 months ago, IM traffic, as a percentage of overall traffic has more than doubled, while webmail and social networking increased nearly five times.
- File transfer technologies are evolving rapidly: as browser-based file sharing applications now use peer-based technology and add clients as a "premium", the question arises: will the business and security risks introduced by browser-based file sharing follow the same path as those that were introduced by P2P? The frequency of file transfer applications – 92% of FTP, 82% of P2P, and 91% browser-based file sharing—each provide business value, but represent security and business risks that may include exploits, malware vectors, and data loss.
"What we learned from analyzing this tremendous amount of enterprise application traffic, which is arguably the largest sample set ever published, is to never assume anything about end-user behavior," said Rene Bonvanie, vice-president of marketing at Palo Alto Networks. "This data should be a wake-up call for IT teams who assume encrypted traffic is mainly HTTPS or for those who still believe that social networking usage is not taking place on their corporate networks."
Application and Threat Information
Information on the more than 1,200 applications that are identified by Palo Alto Networks can be found in Applipedia, part of the company's Application and Threat Research Center. Visit the online resource to find the latest news, commentary, and discoveries on applications and threats at http://researchcenter.paloaltonetworks.com.
To download the Application Usage and Risk Report (Spring 2011), please click here.
About Palo Alto Networks
Palo Alto Networks™ is the network security company. Its next-generation firewalls enable unprecedented visibility and granular policy control of applications and content – by user, not just IP address – at up to 20Gbps with no performance degradation. Based on patent-pending App-ID™ technology, Palo Alto Networks firewalls accurately identify and control applications – regardless of port, protocol, evasive tactic or SSL encryption – and scan content to stop threats and prevent data leakage. Enterprises can for the first time embrace Web 2.0 and maintain complete visibility and control, while significantly reducing total cost of ownership through device consolidation. Most recently, Palo Alto Networks has enabled enterprises to extend this same network security to remote users with the release of GlobalProtect™. For more information, visit www.paloaltonetworks.com.
Palo Alto Networks, "The Network Security Company," the Palo Alto Networks Logo and App-ID are trademarks of Palo Alto Networks, Inc. in the United States. All other trademarks, trade names or service marks used or mentioned herein belong to their respective owners.
