Issue link: https://insights.oneneck.com/i/1458399
CHAPTER 5 Ten Evaluation Criteria for Network Security

These materials are © 2020 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

Comprehensive Threat Protection

The modern threat landscape has evolved into intelligent, targeted, persistent, multiphase intrusions. Threats are delivered via applications that dynamically hop ports, use nonstandard ports, tunnel within other applications, and hide within proxies, SSL, or other types of encryption.

Within the data center, exerting application-level control between your workloads reduces your threat footprint while simultaneously segmenting data center traffic based on Zero Trust principles. Application-specific threat prevention policies can prevent known and unknown threats from compromising your data center.

Additionally, enterprises are exposed to targeted and customized malware, which can easily pass undetected through traditional port-based firewalls and antivirus software. Most modern malware — including ransomware variants — uses advanced techniques, such as wrapping malicious payloads in legitimate files or packing files to avoid detection, to transport attacks or exploits through network security devices and tools.

As organizations have increasingly deployed virtual sandboxes for dynamic analysis, attackers have evolved to focus on ways to evade them. They employ techniques that scan for valid user activity, system configurations, or indicators of specific virtualization technologies. With the growth of the cybercrime underground, any attacker, novice or

FIGURE 5-2: Users access data from different devices and locations.