Concord Technology Group

At Your Service - call 1-866-242-2775

7890 Forest Valley Lane
Concord Township OH, 44077

 

Application Control: A Closer Look

News > Application Control: A Closer Look

Application Control: A Closer Look

 

When delivered as part of a multi-layered approach to network security, application control not only improves your ability to ward off malicious activity, but also mitigates the impact of user-installed software on both bandwidth and productivity (user, help desk, and IT staff), and assists in controlling liability and compliance risks.

Users can access or download a bewildering variety of personal applications, such as web email, IM, free VoIP, P2P, browser toolbars, and various social media. They have become accustomed to accessing these sites or installing applications on their personal computers, and often install them on their business computers as well.

HTTP is the protocol that causes the greatest challenge to policy enforcement and application control. It is now both the highway for critical business applications, as well a common threat delivery mechanism. The ever-expanding network of connected locations (including mobile devices) and users (including partners, customers, franchisees, and agents) rely on HTTP-based applications. This reliance on HTTP traffic enables application-level threats to evade firewall-based policies because the firewalls do not discriminate between legitimate and illegitimate web traffic.

The effect of being unable to control HTTP-based applications goes beyond threat delivery. Not only can they punch holes in network security, but they can also increase both operating and capital expenditures by:

  • Distracting users from productive activity (AOL Instant Messenger, Google.Talk, MSN, QQ, Yahoo Messenger)
  • Consuming network bandwidth (BitTorrent, eDonkey, YouTube)
  • Exposing your organization to security, liability and regulatory compliance risks (Remote Desktop, PCAnywhere, VNC)

Unfortunately, there are technical and political difficulties in enforcing those policies. On the technical side, most firewalls and intrusion prevention systems (IPS) have not been able to distinguish reliably between the applications that are using HTTP tunneling.

A recent study by the University of Melbourne found that users who indulged in what the researchers called Workplace Internet Leisure Browsing (WILB) are more productive than those who do not. The study noted that those who limit such WILB activity to less than 20% of their total time in the office are more productive by about 9% than those who do not.

Application control overcomes these problems by accurately identifying and controlling applications even when disguised by port-switching or tunneling through other protocols. Application control makes this identification based on the packets' behavior as revealed by deep packet inspection and advanced protocol decoding.

If you have questions or concerns about application control, contact us.