The Threat at Layer 2

Cyber security compliance and network configuration management are becoming increasingly complex and difficult to maintain. Organizations are looking for solutions that secure their networks without increasing management and operational cost and complexity. While much of the buzz is on application security, there is increasing concern over the vulnerabilities and threats existing at the heart of network traffic - Layer 2 of the OSI stack.

Key Layer 2 threats include unauthorized network mapping, traffic analysis across segments, denial of service, and man-in-the-middle attacks. DOD agencies and Commands such as the Army note: “The first stage in a cyber attack is to perform reconnaissance on the target network. The attacker’s goal is to identify targets that either contain the desired information or are critical to network traffic. Following that step, the attacker will determine what is exploitable on the targeted network devices. If the information gathered above is incorrect, the attackers will waste time and resources attempting to exploit systems and services that may or may not exist, which will result in more time for the defenders to take the appropriate response.” These attacks are enabled by exploiting a device's MAC address, which is fixed by the manufacturer and may be decoded using publicly available tools. Layer 2 attacks are typified by low-level probing to gather information, followed by a targeted attack. “White Hat” security auditors use Layer 2 and Layer 3 exploits to gain access for penetration testing. However, they generally do not identify the risk to their clients because, until now, they could not offer a mitigation strategy.

Network product companies acknowledge the user pain at Layer 2, but the market has not produced compelling solutions. Cisco customer support and training materials clearly document Layer 2 vulnerabilities and the challenges with their current switching devices and security monitoring products. IDS and firewall vendors acknowledge the risks at Layer 2 by offering transparent operating modes, but with limited functionality.

Masking Networks has introduced network masking to protect the identity and presence of firewalls, servers, LAN segments, and other devices at Layer 2 and to provide a sound foundation for securing Layer 3 and the upper layers. Effective network masking requires full network interoperability and performance without increasing the network configuration management burden.