Network firewalls were created to block unauthorized content and code from the network while ensuring the unimpeded flow of data packets vital to the operations of the enterprise. But they were designed to intercept external incursion, not prevent security issues inside the network.
Firewalls are conceptually sound, but execution often leaves network and security teams scrambling to patch flaws and fix mistakes that hackers have already discovered and exploited. Worse, once bad data packets such as malware enter the network, they may have unimpeded access to the “east-west” traffic inside the network.
Hackers have a field day probing for gaps in network defenses in order to plant malware. The vast majority of malware uses the DNS protocol for command and control, for data exfiltration, and to deliver malicious payloads onto a network undetected. And employees are increasingly bringing devices into the network that could have been infected outside of it. Once inside the network, these rogue programs too often are able to spread from device to device undetected, taking advantage of east-west flows.
Source: csoonline