{"id":1955,"date":"2012-01-31T08:09:51","date_gmt":"2012-01-31T16:09:51","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=1955"},"modified":"2013-08-13T10:45:12","modified_gmt":"2013-08-13T17:45:12","slug":"i-am-a-social-media-fanatic","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2012\/01\/i-am-a-social-media-fanatic\/","title":{"rendered":"I am a Social Media Fanatic..."},"content":{"rendered":"<p>I confess. I am a social media fanatic. I have even been called other words \u2013 ones rather unsuitable for this blog.\u00a0 But I love social media; I love how it gives me the ability to stay connected and keep up to date \u2013 both personally and professionally. So you can imagine how excited I was to see the shift in usage patterns from simply browsing to more active uses such as applications, posting, and social plugins. I wasn\u2019t alone\u2026 There were many more fanatics like me! And based on the volume of press around these findings, the media clearly found that exciting as well. These shifts are not all end-user driven \u2013 they are a combination of both personal and corporate use. Organizations are figuring out ways to better their business using social media. We have some great examples of corporate use in the latest <a href=\"..\/..\/aur\">Application Usage and Risk Report.<\/a><\/p>\n<p><!--more-->However, the finding that was most interesting and somewhat surprising to me as a network security professional was the volume of applications that never traverse port 80. We found that 35% of the 1,195 applications never use port 80 and yet consumed 51% of the total bandwidth. These are all your business applications such as Oracle and SAP. The reason for my surprise is the plain and simple fact that I had been lured into the \u201cfocus your security on port 80\u201d trap by the current IT trends: cloud computing, social media, software as a service, and so on. View these and other key findings below.<\/p>\n<div id=\"__ss_11093190\" style=\"width: 510px;\"><strong style=\"display: block; margin: 12px 0 4px;\"><a title=\"Application Usage on Enterprise Networks, December 2011.\" href=\"http:\/\/www.slideshare.net\/Palo_Alto_Networks\/application-usage-on-enterprise-networks-december-2011\" rel=\"nofollow,noopener\"  target=\"_blank\">Application Usage on Enterprise Networks, December 2011.<\/a><\/strong> <object id=\"__sse11093190\" width=\"510\" height=\"426\" classid=\"clsid:d27cdb6e-ae6d-11cf-96b8-444553540000\" codebase=\"http:\/\/download.macromedia.com\/pub\/shockwave\/cabs\/flash\/swflash.cab#version=6,0,40,0\"><param name=\"allowFullScreen\" value=\"true\" \/><param name=\"allowScriptAccess\" value=\"always\" \/><param name=\"wmode\" value=\"transparent\" \/><param name=\"src\" value=\"http:\/\/static.slidesharecdn.com\/swf\/ssplayer2.swf?doc=applicationusageandriskreportdec2011globalfindings-120116180513-phpapp01&amp;rel=0&amp;stripped_title=application-usage-on-enterprise-networks-december-2011&amp;userName=Palo_Alto_Networks\" \/><param name=\"allowscriptaccess\" value=\"always\" \/><param name=\"allowfullscreen\" value=\"true\" \/><\/object><\/p>\n<div style=\"padding: 5px 0 12px;\">View more <a href=\"http:\/\/www.slideshare.net\/\" rel=\"nofollow,noopener\"  target=\"_blank\">presentations<\/a> from <a href=\"http:\/\/www.slideshare.net\/Palo_Alto_Networks\" rel=\"nofollow,noopener\"  target=\"_blank\">Palo Alto Networks<\/a><\/div>\n<\/div>\n<p>The \u201capps not using port 80\u201d finding confirms my view that too much focus on port 80 security is shortsighted and high risk. It is analogous to locking the front door without locking the side and back doors. Do you need to secure port 80? Absolutely! But more importantly, you need to control and protect all applications across all ports, all the time as a means of enhancing the business. This is what I call secure application enablement, or put differently, <strong>the rule of \u201callow but\u2026\u201d<\/strong><\/p>\n<ul>\n<li style=\"text-align: left;\">Allow SharePoint <strong>but<\/strong> control application functions<a href=\"http:\/\/www.paloaltonetworks.com\/researchcenter\/wp-content\/uploads\/2012\/01\/Policy-control.jpg\"><img loading=\"lazy\" decoding=\"async\"  class=\"alignright size-full wp-image-1963 lozad\" title=\"Policy-control\"  data-src=\"http:\/\/www.paloaltonetworks.com\/researchcenter\/wp-content\/uploads\/2012\/01\/Policy-control.jpg\" alt=\"\" width=\"235\" height=\"151\" \/><\/a><\/li>\n<li>Allow Oracle <strong>but<\/strong> protect against SQL attacks<\/li>\n<li>Allow Facebook for all, <strong>but<\/strong> limit posting to specific groups<\/li>\n<li>Allow Twitter <strong>but<\/strong> limit access by schedule<\/li>\n<li>Allow Streaming media <strong>but<\/strong> apply QoS<\/li>\n<li>Block all P2P applications<\/li>\n<\/ul>\n<p>Secure application enablement will allow you to strike the balance of allowing social media but within usage and security parameters that are appropriate for your organization. Secure application enablement will help you encourage the use of business-focused browser-based filesharing applications, but block media-focused variants. And secure application enablement will allow you to restrict the use of remote access tools to only your IT and support staff \u2013 all of which traverse ports other than port 80.<\/p>\n<p>The time of shortsighted application prevention systems (also known as traditional stateful inspection firewalls) is over.\u00a0 The firewall needs to safely enable applications\u2014and business.<\/p>\n<link rel=\"author\" href=\"https:\/\/plus.google.com\/114253851106284887789\"\/>\n","protected":false},"excerpt":{"rendered":"<p>I confess. I am a social media fanatic. I have even been called other words \u2013 ones rather unsuitable for this blog.\u00a0 But I love social media; I love how it gives &hellip;<\/p>\n","protected":false},"author":16,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[31,1814,40,1815,25],"coauthors":[],"class_list":["post-1955","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-application-control","tag-application-usage-risk-report","tag-file-sharing","tag-firewall","tag-social-networking"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/1955","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/16"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=1955"}],"version-history":[{"count":30,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/1955\/revisions"}],"predecessor-version":[{"id":2294,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/1955\/revisions\/2294"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=1955"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=1955"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=1955"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=1955"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}