Securing the New Network: Firewalls in a mobile world presented at AUScert 2010

by Nicko van Someren,

Summary : While the physical topologies of our networks have not changed a great deal over the last decade, the way in which we use these networks has evolved a long way. Corporate networks are still segmented along geographic and functional lines but their users are increasingly mobile and untethered from the physical net. Services that once resided on corporate servers inside the network now are hosted on clouds of servers in far-flung locations. Where once there were one-to-one mappings between users and services and their respective IP addresses, now the network addresses can vary moment to moment. In this world, old models for network security begin to break down and we need to look at network security problems in a whole new way. In this talk we present a new approach to network security, one that focuses on users, devices and services rather than network topology. We show that thinking about network security in this was can lead to systems that are more flexible and more manageable as well as being more secure.