It is a bizarre truth that on the Internet, creating productivity does not require security. It is far too easy to add yet another device or application onto a network and derive value from it, and yet each new addition brings along its own set of vulnerabilities and potential for malicious use.
For nearly three decades cybersecurity has been developed around outdated device-centric and perimeter-based strategies. Patching systems and updating applications may be effective in countering known threats, but not useful in dealing with unknown threats and operational misuse. As the number of headless ‘things’ are deployed onto networks, the ability to patch/update these things becomes operationally burdensome to non-existent. The combination of mobile endpoints and cloud-based assets have obliterated the concept of the network perimeter, where firewalls and deep-packet inspection engines (otherwise defined as ‘middleboxes’) previously defended sensitive endpoints. Even so, deploying ‘middleboxes’ in the cloud, even virtual ones, often results in significant challenges relative to the dynamic, elastic, and multipath nature of cloud and datacenter architectures.
Curveball Networks is here to provide guidance in developing truly scalable cybersecurity solutions based on the packet-based approach we call ‘contextual forwarding’. From any given device on a network, packets aren’t randomly generated, but rather produced within a given context. This context may be related to properties of the device, user, application, location, time, etc. Contextual forwarding is about the ability of the network to securely forward packets based on its understanding of the context associated with them, rather than being limited to specific functions and attack vectors.
We will be posting a number of articles and papers on contextual forwarding, and cybersecurity in general. Please feel free to reach out to us at firstname.lastname@example.org.