Users and Vendors Speak Out: Intrusion Detection and Prevention
Market Analysis

Abstract: With network security concerns multiplying, intrusion protection systems are a hot commodity. But don't count out intrusion detection systems just yet. They still offer useful forensic and legal benefits.

By Elroy Jopling and Andy Rolfe

Strategic Market Statements

An intrusion protection system (IPS) represents a new technology in the early stages of the Hype Cycle, so expect the hype to intensify and disillusionment to follow; it does offer a significant degree of future potential that enterprises should keep abreast of and test on noncritical applications.

Even though we went through a lot with the intrusion detection system (IDS) in false positives and performance issues, don't throw them out, as they can be useful because of the detail they provide for attack signatures, which can be of forensic and legal benefit.

Automated patch management systems are further along than most enterprises are aware and should be reviewed for their primary purpose of ensuring all users stay up to date with the latest patches; automated patch management can provide a methodology for ensuring a new user comes on to the system with the correct security posture to ensure the last defense, the patch, is there.

Publication Date: 4 August 2003
Introduction

IDS has proved to be of questionable value. At the same time, IPS and automated patch management, although in their infancy, seemingly offer significant potential. Unfortunately, in parallel, hacker attacks have become more efficient, and the velocity of the propagation of these attacks has increased greatly. Enterprises must simultaneously follow the evolution of these technologies and attacks.

(Note: The body of this Perspective reflects the thoughts of users and vendors, not specifically those of Gartner. The users' and vendors' thoughts are from the Gartner IT Security Summit 2003 as part of Sector5 telecommunications and information services users and vendors industry panel discussions.)

Intrusion Detection, Response and Prevention

IPS is within the early stage of moving up the Gartner Hype Cycle (see "Hype Cycle for Transportation Technologies, 2003," R ), with two to five years before reaching the adoption plateau. IDS is considered obsolete before having reached the adoption plateau.

IDS tried to characterize attacks by "malicious signature" (a profile that might indicate trouble). IPS looks at more specifics such as known hacks, protocol violations and abnormal traffic conditions. In some ways, IDS tried to catch everything, failing to do so because of false positives. IPS should be much better at preventing (and not just finding) known hacks and actual violations, but not so good at identifying malicious behavior.

IPS is a tool to prevent attacks. If a new attack occurs, a worm may be created to run wild on your system. No patch is available for this. Even with a patch, if you have 100 systems and take 10 person hours per machine to patch, it will cost 1,000 person hours, obviously taking too much time. With an accurate, reliable signature of the attack, the IPS can peel off traffic as it enters your system.
A multimethod approach to intrusion detection is required, for example, upfront protocol validation and checking the uniform resource locator (URL) against a set of absolute values from a signature file.

Where are users placing the IPS in relation to the firewall? Forty percent before, 40 percent after and 20 percent are for dedicated systems (for example, Web farms and hosting facilities).

An IPS may stop the problem, but it is not a cure. A patch may be required.

Gartner, Inc. and/or its Affiliates. All Rights Reserved. 4 August 2003
Don't Throw Out Your IDS

IDS may be a technology that has come and gone, or has it? For many users, IDS is considered a waste of money. But then again, the waste may be the result of the people who interpreted the results.

In the last few years, we have suffered through a lot with IDS, including a number of false positives and performance issues. However, don't throw out your IDS just yet. IPS may stop an attack, but it does not keep the full "flavor" of the signature. IDS can be useful for forensics and legal reasons.

A hacker will use some sort of vulnerability-scanning tool to see what holes you have. Not all hackers are equal; some will leave traces in your IDS logs that can lead to their apprehension.

Security Patches and Patch Management

No software will be perfect: Security patches will always be a requirement as the last defense.

Software has become more complex, with various versions, numerous patches and resulting impacts with other applications. Software has become a living entity.

When vendors make new patches and fix a major vulnerability, they also fix five or six unknown or hidden vulnerabilities, effectively complicating the assessment of a new patch.

With more enterprises getting on the Web, the speed required to get patches out is becoming a significant issue.

Most enterprises don't realize the technology is available for automated patch management. Ninety-nine percent of the people hit with the Slammer virus didn't have a policy in place to manage the existing patch.

Some enterprises want their system shipped with security on. Tools are available so that when you plug in a new computer it is automatically updated with the patches you have defined.

Patch management systems will become more automated and will include software updates for the firmware in the network hub, routers and switches, handheld devices, and wireless.

What's Next?

Slammer's Conspiracy Theory

The speed of replication of new attacks raises frightening possibilities.
Slammer just tried to replicate itself. Seventy thousand hosts were infected in 30 minutes.
Slammer may be just the warm-up, as it infected but didn't do anything significant. Its damage could have been much worse: It could have formatted the hard drive.

Hackers continue to increase the velocity of the attacks as though they are fine-tuning their exploits, getting the algorithms right, seemingly preparing for the next wave of attacks. Slammer was many times faster than Code Red. The threat of "cyberterrorism" has become much more of a reality.

Other Vulnerabilities and Concerns

Still more vulnerabilities and concerns exist:

Many old hubs, routers and switches are out there running on vulnerable old firmware. Expect to see hackers begin to attack these older systems.

In the last couple of years, "denial of service" attacks have become more common and much more expensive. They will persist because of fundamental problems with Transmission Control Protocol (TCP)/Internet Protocol (IP).

Gartner Dataquest Perspective

IPS is a new technology in the early stages of the Gartner Hype Cycle. Expect to see IPS garner more press and more enterprise interest, as conceptually it is a sound idea meeting a real enterprise need. With the hype will follow an overestimation of IPS's capabilities and the resulting slide down the Hype Cycle. The question is, with what velocity will IPS drive through the Hype Cycle? Considering enterprise interest, this velocity may be fairly rapid. It will become a replacement for IDS, but its relationship to IDS may also be a retarding factor, as enterprises are "once burned, twice shy." IPS represents a technology that enterprises should track and, where applicable, a methodology to test on noncritical applications.

IDS has ridden the waves of the Hype Cycle and now languishes in the Hype Cycle's Trough of Disillusionment, a final resting spot. Don't throw out your existing IDS, as it has value from a forensics and legal resource perspective.
But equally, don't invest further in the technology.

Security attacks are bad enough, but knowing an attack could have been prevented with an available patch makes it much worse. The former has been accepted as a cost of doing business, while the latter has become a legal liability to the enterprise. Patches are the last defense and the final solution. Automated patch management tools can represent a methodology to ensure patches are applied, but also a methodology to ensure new users are up to date before even entering the enterprise network.

It will get worse before it gets better. Slammer may be a precursor to the speed of attacks to come, and if the attacks become more vicious (an extra few lines of code), the ramifications could be catastrophic.
Moreover, it will become more complex before it becomes simpler. As networks, hardware and applications become faster, the threat is heightened, and the processing speed required to change from detection to prevention must be faster. The costs of preventing intrusion will become more expensive.

Key Issue

How are network security concerns impacting enterprise communications networks?
This document has been published to the following Marketplace codes: TELC-WW-DP-0570

Entire contents © 2003 Gartner, Inc. and/or its Affiliates. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.
More informationGartner Updates Its Definition of IT Infrastructure Utility
Research Publication Date: 23 April 2004 ID Number: M-22-2393 Gartner Updates Its Definition of IT Infrastructure Utility Claudio Da Rold Our new definition of IT infrastructure utility clears away some
More informationCLOUD CLIENTS AND VIRTUAL CLIENTS
CLOUD CLIENTS AND VIRTUAL CLIENTS The Transformation of Virtual Desktops Through Mobility and Cloud Computing Over the past three years, the technology we used to know as virtual desktop infrastructure
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More informationNetsweeper Whitepaper
Netsweeper Inc. Corporate Headquarters 104 Dawson Road Suite 100 Guelph, ON, Canada N1H 1A7 CANADA T: +1 (519) 826-5222 F: +1 (519) 826-5228 Netsweeper Whitepaper The Evolution of Web Security June 2010
More informationINTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA
INTRUSION DETECTION SYSTEM (IDS) D souza Adam Jerry Joseph 0925910 I MCA OVERVIEW Introduction Overview The IDS Puzzle Current State of IDS Threats I have a good firewall, why do I need an IDS? Expectations
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More informationClosing Wireless Loopholes for PCI Compliance and Security
Closing Wireless Loopholes for PCI Compliance and Security Personal information is under attack by hackers, and credit card information is among the most valuable. While enterprises have had years to develop
More informationGetting Ahead of Malware
IT@Intel White Paper Intel Information Technology Security December 2009 Getting Ahead of Malware Executive Overview Since implementing our security event monitor and detection processes two years ago,
More informationObservation and Findings
Chapter 6 Observation and Findings 6.1. Introduction This chapter discuss in detail about observation and findings based on survey performed. This research work is carried out in order to find out network
More informationSolution Path: Threats and Vulnerabilities
Solution Path: Threats and Vulnerabilities Published: 24 January 2012 Burton IT1 Research G00226331 Analyst(s): Dan Blum This solution path helps Gartner clients develop a strategy and program for managing
More informationCONTENTS. 1.0 Introduction
CONTENTS 1.0 Introduction 2.0 Why we are different? 2.1 What can a Firewall do? 2.2 What can an Intrusion Detection System do? 2.3 What can a Mail Security System do? 2.4 What can Defencity NetSecure do?
More informationITG Executive Summary
ITG Executive Summary VALUE PROPOSITION FOR IBM POWER SYSTEMS SERVERS AND IBM I: MINIMIZING COSTS AND RISKS FOR MIDSIZE BUSINESSES Challenges February 2011 The challenges faced by midsize businesses remain
More informationWhy Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation www.lumeta.
Why Leaks Matter Leak Detection and Mitigation as a Critical Element of Network Assurance A publication of Lumeta Corporation www.lumeta.com Table of Contents Executive Summary Defining a Leak How Leaks
More informationData Center Security in a World Without Perimeters
www.iss.net Data Center Security in a World Without Perimeters September 19, 2006 Dave McGinnis Director of MSS Architecture Agenda Securing the Data Center What threats are we facing? What are the risks?
More informationIntelligent. Data Sheet
Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business
More informationTHE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI
THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security
More information