SINGAPORE – Palo Alto Networks published a new research revealing the fact that roughly 36% of enterprise network traffic is comprised of hundreds of applications that can evade the controls of conventional security solutions by either using SSL or port-hopping capabilities. Contrary to conventional wisdom, the majority of this traffic is not from browser-based applications using HTTP over SSL on port 443. This represents a significant blind spot that most IT organizations have not yet adequately addressed, and one that is rarely discussed in the security industry.
Available now, Palo Alto Networks has released these and many other findings in the 7th edition of its Application Usage and Risk Report. The report provides a global view into application usage by assessing 28 exabytes of application traffic from 1,253 enterprises between October 2010 and April 2011.
The report highlights three primary findings:
Exposing the elephant in the room: more than 40% of the 1,042 applications that Palo Alto Networks identified on enterprise networks can now use SSL or hop ports to increase their availability within corporate networks. This segment of applications will continue to grow as more applications follow Twitter, Facebook, and Gmail, who all have enabled SSL either as a standard setting or as a user-selectable option in an effort to create the perception of improved security for its end-users.
The workplace has become more social: contrary to popular opinion, social networking has not meant the death knell of webmail and instant messenger (IM). Compared with 12 months ago, IM traffic, as a percentage of overall traffic has more than doubled, while webmail and social networking increased nearly five times.
File transfer technologies are evolving rapidly: as browser-based file sharing applications now use peer-based technology and add clients as a “premium”, the question arises: will the business and security risks introduced by browser-based file sharing follow the same path as those that were introduced by P2P? The frequency of file transfer applications – 92% of FTP, 82% of P2P, and 91% browser-based file sharing—each provide business value, but represent security and business risks that may include exploits, malware vectors, and data loss.
“What we learned from analyzing this tremendous amount of enterprise application traffic, which is arguably the largest sample set ever published, is to never assume anything about end-user behavior,” said Rene Bonvanie, vice president, Marketing, Palo Alto Networks. “This data should be a wake-up call for IT teams who assume encrypted traffic is mainly HTTPS or for those who still believe that social networking usage is not taking place on their corporate networks.”