Network apps stay hidden from security screens

Hundreds of applications that can evade the controls of conventional security solutions, by using Secure Sockets Layer (SSL) encryption or port hopping, account for 36 per cent of enterprise network traffic, according to the latest Application Usage and Risk Report from Palo Alto Networks.

Palo Alto Networks' Application Usage and Risk Report provides a global view into enterprise application usage by assessing 28 exabytes of application traffic from 1,253 enterprises between October 2010 and April 2011.

Chris King, Palo Alto Networks, said, “The majority of this traffic is not from browser-based applications using Hypertext Transfer Protocol (HTTP) over SSL on port 443. This represents a significant blind spot that most IT organisations have not yet adequately addressed.”

Of the applications found, 41 per cent can use SSL or hop ports, and these consume 36 per cent of the overall bandwidth observed.

In Australia and New Zealand, 44 per cent of the applications found can use SSL or hop ports, and these consume 25 per cent of the overall bandwidth observed.

Applications using SSL represent 25 per cent of the applications found and 23 per cent of the overall bandwidth used. This segment will continue to grow as more applications follow Twitter, Facebook, and Gmail, which have enabled SSL as a standard setting or a user-selectable option in an effort to create the perception of improved security for end-users.

Dynamic (port-hopping) applications represent 16 per cent of the applications found and 13 per cent of the bandwidth consumed. In general, the applications that hop ports are consumer-oriented and include instant messaging, peer-to-peer (P2P), and video.

The report reveals that despite the growth of social networking, both instant messaging (IM) and webmail continue to show significant growth rates.

King said, “Contrary to popular opinion, social networking has not meant the death of IM and webmail. Compared with 12 months ago, IM traffic, as a percentage of overall traffic, increased from 0.4 per cent to 0.9 per cent and webmail and social networking increased nearly 500 per cent.”

The report shows that Facebook is increasingly gaining momentum, with 87 per cent of all social networking bandwidth in organisations being Facebook related. Of the 62 different social networking applications found, the next closest amount of bandwidth is used by LinkedIn at six per cent and Twitter at three per cent.

King said, “While Facebook may be consuming the most bandwidth, the traffic pattern associated with Facebook-posting and Facebook-applications within organisations remains passive. This weakens the argument that social networking is a productivity drain on organisations.

“The report reveals that users are working while their Facebook page is open, nothing more.”

In Australia and New Zealand, however, the report showed more active use of Facebook, with Facebook-posting consuming six per cent of social networking bandwidth compared to one per cent globally.

FTP, P2P, and browser-based file sharing, a progression of file-transfer technologies, all show strikingly similar risk and reward characteristics. These applications, found with 92 per cent, 82 per cent, and 91 per cent frequency respectively, each provide business value, but represent security and business risks that may include exploits, malware, and data loss (intentional or otherwise).

In Australia and New Zealand, FTP, P2P, and browser-based file sharing were found with 100 per cent, 78 per cent, and 89 per cent frequency respectively. Among the top application categories, measured as a percentage of bandwidth consumed, ANZ’s file sharing activity is captured at 12 per cent compared to 9 per cent globally. Out of this 12 per cent, browser-based file sharing consumed the lion’s share at 10 per cent of the overall bandwidth, representing heightened business and security risks to Australian and New Zealand organisations.

As browser-based file sharing applications leverage peer-based technology and add clients as a 'premium offering', the question arises as to whether the business and security risks introduced by browser-based file sharing will follow the same path as those introduced by P2P.

King said, “What Palo Alto learned from analysing this tremendous amount of enterprise application traffic is to never assume anything about end-user behaviour.

“This data is a wake-up call for organisations that assume encrypted traffic is mainly HTTPS or that social networking is not being used on their corporate networks. Organisations need to be aware of these applications and how much they are being used so they can appropriately manage the business and security risks,” he said.

To download the Application Usage and Risk Report visit http://www.paloaltonetworks.com/aur.