Network security vulnerabilities and threats continue to grow in number and sophistication. For the most part, these malicious actions fall into one of four categories: deception, disclosure, usurpation and disruption. Whether threats are accidental or intentional, they can cause degradation or failure of crucial services within the virtual environment. Below is an overview of the top causes of network performance issues.
Disclosure or Information Leakage
The leaking of sensitive or private information can happen through ARP table poisoning, spoofing the IP address, subverting firewall rules that give the user root access on a node, or escalating privileges.
Attackers can capture messages exchanged between devices to gain access to the content. This is often called sniffing or eavesdropping, and it can result in theft of sensitive, private data. Frequently, this method misleads the physical router into forwarding data packets, which gives the malicious entity the chance to sniff them. Sharing physical resources across multiple networks increases this threat.
Increasingly, data encrypted within network packets faces threats as well: malicious users may analyze certain features of the traffic to learn which entities are communicating, how frequently they communicate and the packet sizes involved. Other threats include using multiple network requests to reveal the topology of the physical infrastructure.
Deception can be further divided into three subcategories: loss of registry entries, identity fraud and replay attacks.
Introspection allows system administrators to validate, in real time, the current status of virtual devices, such as the memory, disk or processor registers. Malicious attackers can exploit these functions to gain access to the data inside through the virtual nodes.
Usurpation allows a malicious attacker to gain access to confidential data on virtual routers. These attacks result from exploited vulnerabilities, identity fraud or vulnerabilities that allow a guest user to execute arbitrary code on the host OS.
Physical Resource Overload
Physical resource overload can result in the failure of virtual nodes or the degradation of network performance below stated minimum requirements. This degradation can lead to packet loss or congestion, causing disruption across established networks or interruption in new networks. Resource requirements may create a point of conflict when excessive resources are demanded concurrently in the same substrate network. This could be an unintentional error or the result of coordinated attacks. Overloads may also be caused by malicious attacks targeting the physical network infrastructure from within a virtual network, or from external sources. Denial-of-service (DoS) attacks represent the most common type of threat.
Network infrastructures need to offer both high performance and a high level of resiliency to known threats and vulnerabilities. By focusing on network hygiene issues such as passwords, patch levels, and registration of critical hosts such as servers, IT staff concerned with security can eliminate a huge percentage of potential threats by getting the simple and often overlooked basics right.
At CTEK, we are an experienced systems integrator who understands the unique challenges your organization faces in securing your network. CTEK partners with best-in-class technologies to develop network security solutions that meet your particular technology and budgetary requirements to protect your organization from both external and internal threats.