Datamation Logo

Network Security: Be Afraid, Be Very Afraid

Home Networks
By Sean Michael Kerner
September 22, 2006
Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

NEW YORK — There’s a lot to be afraid of in the world of network security
threats.

That was the general consensus of a diverse panel at Interop that included
vendors, an analyst and an enterprise user. The panel agreed that NAC
(network access control) isn’t necessarily the solution and that much more
needs to be done within enterprises themselves to properly understand the
threats they face.

“I don’t want to be a FUD [Fear. Uncertainty. Doubt.] dealer but the truth is
there is quite a lot to be afraid of,” Joshua Corman, host protection
architect at ISS (Internet Security Systems), told the capacity crowd.

“It’s time for a reset on education. You can’t defend against what you don’t
understand.”

According to Corman, network security professionals are all chasing
vulnerabilities and compliance-related items. Hackers know this fact, too.
The hackers know what you’re doing.

“The bad guy is getting badder, the techniques better and the volume of
badness worse,” Elliott Glazer, director of security architecture and
consulting at Depository Trust Clearing Corp., said. “We don’t see
solutions keeping pace.”

The issue, though, isn’t entirely about technology or even compliance;
sometimes there may be too much technology in play.

Mike McKinnon, director of security of ProCurve Networking by HP, noted that
his firm advises enterprises to start small when trying to figure out what
they need.

The portion of the enterprise that is most vulnerable from a
business perspective should be addressed first.

“It’s one thing to pass an audit, it’s another thing to be secure,” McKinnon
said.

Glazer agreed with McKinnon and added that his firm started out by putting a moratorium on buying more technology. Instead what he did was look at
their own existing inventory of hardware, platforms, data and devices and
look at the risk of each based on location.

Though NAC technologies are the topic of much buzz
at Interop NYC, panelists weren’t exactly buzzing about it.

“Be very careful when you’re investigating NAC,” Corman advised. “It’s
becoming the buzzword. Everybody says they’ve got a NAC solution but they
really don’t.”

Corman also suggested the enterprises don’t get educated purely by the
vendors about what NAC can do.

“Some of the vendors had a product for something different, and then when NAC
got hot it became a NAC solution,” Corman said. “On this topic there is
extreme exaggeration about what the capabilities are.”

Glazer suggested that enterprises need to think about whether NAC is
actually secure enough for their environments. He advised that even before
an enterprise embarks on the NAC path they make sure they’ve already
provisioned a secure environment.

He also noted that for his own enterprise,
it’s still a little bit too early for him to deploy NAC.

“You can be completely patched and up to date and still get infected by
something,” Corman said. “There is a fundamental assumption that NAC will
make you safer. It won’t make you immune though.”

Forrester Research Security Analyst Paul Stamp pointed out another big
threat, namely the inability of some enterprises to act.

In his experience, people justify security expenses only after they’ve experienced an incident within their own enterprise or are aware of one that their peers have had.

“Our biggest threats are CEOs, not rootkits,” Stamp said somewhat
sarcastically.

Glazer was somewhat more focused on where the threat lies and what makes him
nervous.

“We’re nervous about what we see; it’s a more professional bad guy, code is
getting better fast and that’s scary,” Glazer said.

“Combine that with targeted attacks, the attack is not going to be seen or known and also there are self-deleting attacks.”

Amidst all that nervousness, Corman believes that there is also another
contributing factor for network insecurity, and that might be coming from
security vendors themselves.

This article was first published on InternetNews.com. To read the full article, click here.

  SEE ALL
ARTICLES  
Previous Article
Is Linux vs. Windows a Religious Decision?
Next Article
So Many Portables, So Few Rules

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Networks

8 Best Network Monitoring Tools of 2024 (Free & Paid)

8 Best Network Monitoring Tools of 2024 (Free & Paid)
Applications

OpenVAS vs. Nessus: Top Vulnerability Scanners Compared

OpenVAS vs. Nessus: Top Vulnerability Scanners Compared
Big Data

What is SOX Compliance? Requirements & Rules

What is SOX Compliance? Requirements & Rules
Datamation Logo

Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.

Advertisers

Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.

Advertise with Us

Our Brands

Technologyadvice ServerWatch TechRepublic Enterprise Networking Planet eWeek Project Management eSecurity Planet IT Business Edge
Privacy Policy Terms & Conditions About Contact Advertise California - Do Not Sell My Information

Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.