Cloud Apps-The Bad Side & Why security applicances are a must

Old No Comments on Cloud Apps-The Bad Side & Why security applicances are a must 19

I recently came across an article which my local newspaper published. The original article is:

This article describes the sharing of pornography using streetchat by teens at one particular school. The part that makes this especially interesting is the fact that this is happening on school grounds, using a school internet connection.  According to the school district where this is happening, this is not the only cloud app that they are having difficulty blocking. New ones come out every day & the school district must figure out how they work in order to block them.

This is in fact an issue for many education institutions & other organizations around the world. Cloud applications like these are becoming more difficult to block because of the unclear nature of their tcp/ip communication methods, sometimes because they may be peer to peer applications . If the content filter/security appliance is not aware of the application, it becomes very difficult to block due to the fact that the  aspects of the  TCP/IP Communication which identify that it is the application, exist mostly at the application layer-which unless deep packet inspection is deployed, can’t be blocked. Normal blocking at the host/port level by a firewall most likely will not be effective because the destination ip addresses which the app communicates with may not always be predictable & blocking the ip addresses & ports may not be effective as those ip addresses maybe shared by other services hosted on the same server.

This is what makes the deep packet inspection security appliances so valuable to organizations like schools need to allow usage of personal mobile devices for the next generation of learning, but keep unwanted activity to a minimum.  One very effective option as a security appliance is Untangle .It can identify application characteristics & block them based upon those.

The cloud driven world is excellent is most regards but it also brings out plenty of challenges.



Mitchell Lewis

Mitchell Lewis is a graduate of Platt Technical High School from the Information Systems Technology program ( Mitchell is knowledgeable in the disciplines of networking, system administration, Active Directory, Windows Servers & System Center Configuration Manager. He is currently a Cisco Certified Entry Level Tech (CCENT Certified). While in at Platt, he built the production network (servers, networking gears-pretty much nuts to bolts) for the Information Systems Technology program’s day to day usage. Mitchell has interned with Quinnipiac University in the Network/Security Division of the Information Services (IT) Department during winter 2013 / spring 2014. While there he gained hands-on experience with Solarwinds Network Performance Monitor, Palo Alto Firewalls, Aruba Airwave (Wireless monitoring tool), Aruba Clearpass ( Network Authentication & Access Control System) as well as Aruba Wireless Controllers(6000 & 7200) & Access points. He also is the Committee Chair for the Wireless Network Committee at Indianfield Campground( He is in charge of coordinating the work of the committee as well as the wireless network project. He plans on attending the University of Connecticut in Stamford, CT in Fall 2014. He welcomes any opportunity to further advance my experience in the IT Field & professional knowledge. His contact information is: Email: LinkedIn:

Related Articles

Leave a comment

Back to Top