MadTECH Computers
Managed I.C.T Services Queensland

madBLOG

Step by step guides and product/software reviews for our clients are here:

Security Development

In the Future, there could be no need for any more expensive anti-virus software, and it is in part due to the insecurity of the IoT (the Internet of Things).  The Internet of Things means the myriad of smart devices we are starting to see become available as smart devices for our homes.  Everything from a smart doorbell, to CCTV for home security, to smart light bulbs which are all connected via your Wi-Fi network.

Most of these devices don’t have security built in, and there is no real chance to add to it later, as any updates are too hard to apply and are too expensive, driving up the cost.

There could be an option for the manufacturers to have the smart devices operating from a third party operating system, and the such as KaperskyOS which was first unveiled in 2012, as an operating system for industrial control systems.  But manufacturers would be hesitant to trust a third party Operating System installed on their products.

Another option is for the devices to communicate at the micro kernel level, where the security is installed at the micro kernel level, making it hard for hackers to jump from device to device (for example from the smart light bulbs to your home pc).

When Andrey Nikishin, future technologies projects director at Kapersky was asked if micro kernel protection could be applied at the micro kernel level, he said it is possible, but development would take another 10 years. Nikishin also stated: “we’ve reached the moment where we understand we have to do something, where we have to redesign everything in a more secure way”.

A more viable security option, and one MTC has previously implemented is to take care of security at the perimeter of the internal network, at the router or firewall level.  This means you can have your security policy implemented before traffic gets inside the local area network, or even the router if you use a firewall.

Two options to add security to the LAN are Googles OnHub and the F-Secure Sense (see the footnote).  The On-Hub router offers easy to understand security management and firewall, while the F-Secure Sense aims to offers security for all your smart devices, and scan all web traffic before it gets to your devices, and also can provide VPN, firewall and more.

All companies should consider adding a security device to their network to make sure the network is maintained, and monitored.  It adds another level of protection to the company data.

.  This means security should be done by a device on the network, and working in partnership with the router, if not on the router itself.

This means it could negate the need for anti-virus software on the pc, as the virus scanning will be done by the security device on the network.  There is still a need for security software on the pc, but it will be more endpoint software, which is lighter than anti-virus software, and can almost be cloud-based.  The way it works is that if the device has a query regarding any code or an IP address, it asks the cloud security platform about the reputation of the IP address trying to communicate and whether or not it is safe to accept packets from that address.

The cloud security platform wouldn’t just scan for viruses, but can also check for DDos attacks, ransom ware, and other outbreaks as well.

MTC (MadTECH Computers) have a policy for securing companies internet and LAN traffic to make sure the network is as secure as possible.   Instead of scanning devices for threats, we want to constantly make sure everything is healthy and up to date.  We won’t just make sure everything is up to date, then sit back and wait for attacks, rather we will still make sure there are Anti-virus products in place that are up to date and properly configured.  But to provide efficient Business IT support, we want to add more security to the networks, like firewalls, and routers that have security functionality, VPNS, web traffic scanning etc.

Security devices for Office Networks:

Sophos XG Series or Firewalls:

https://www.sophos.com/en-us/products/unified-threat-management/tech-specs.aspx

For small office:  XG 85 (Desktop Unit)
RRP $405 EX GST + Installation

Firewall throughput 2Gbps
VPN throughput 200 Mbps
Antivirus throughput 330 Mbps
Ethernet interfaces 4

For mid-office XG 210 (1RU)
RRP $2900 EX GST + Installation

Firewall throughput 14Gbps
VPN throughput 1.35 Gbps
Antivirus throughput 2.3 Gbps
Ethernet interfaces 6

kel toyne