Home  /  Empower and Protect  /  Improving Endpoint Security via Obfuscation and Managed Attribution

Improving Endpoint Security via Obfuscation and Managed Attribution

By Tom Badders •  April 18, 2019

Organizations’ network communications depend on the internet.  Attempts to protect the organization’s valuable information using typical methods such as firewalls, intrusion prevention solutions, and network monitoring have proven to be insufficient in combating cyber adversaries.

One of the key reasons for this difficulty is that today’s networks are static.  Cyber adversaries have all the time they want to find the holes in your network and monitor activity until the time is right to attack.

Networks of tomorrow need to be architected in such a way as to frustrate these attackers to the point where they go in search of other networks that are easier to attack.  Networks of tomorrow need to be dynamic.

This week, we announced enhancements to Telos Ghost, a network infrastructure provided as a service that secures your organization’s valuable network resources by providing high levels of obfuscation and encryption.  Network obfuscation is performed by dynamically varying the data paths through the network from source to destination.  Up to four layers of multiple types of encryption are used to protect the data.

The source of the data, as well as the client/user activity, is protected via the elimination of source and destination IP addresses as the data traverses through the network, using a dynamic IP routing methodology.  This creates a highly dynamic network that minimizes the attack surface and frustrates cyber criminals.

Utilizing a virtual desktop infrastructure (VDI) to access Telos Ghost provides another level of separation between the user and the network.  This additional separation of the end user’s client device helps to ensure that identity and location information are not leaked from the device to the internet.  This further allows the organization to manage their users’ attribution. Providing endpoint IP swapping and user-defined point of presence at the internet-facing end of the network ensures endpoint protection from cyber adversaries.

Obfuscating and encrypting data, as well as providing methods of managed attribution at the endpoints, create a dynamic network environment that protects against cyber adversaries.

Telos Ghost privatizes the public internet, obscures and encrypts data, hides network resources as well as users’ identity and location.  Future networks must be dynamic to provide enterprise security at the endpoints by virtualizing end user devices and rotating points of presence, as well as taking advantage of dynamic IP routing at the core.

Tom Badders

Tom Badders

Tom Badders is a Senior Product Manager at Telos Corporation. See full bio...

The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.

Leave a Reply

Your email address will not be published.

four × two =