Users and Vendors Speak Out: Intrusion Detection and Prevention

Size: px
Start display at page:

Download "Users and Vendors Speak Out: Intrusion Detection and Prevention"

Transcription

1 Market Analysis Users and Vendors Speak Out: Intrusion Detection and Prevention Abstract: With network security concerns multiplying, intrusion protection systems are a hot commodity. But don't count out intrusion detection systems just yet. They still offer useful forensic and legal benefits. By Elroy Jopling and Andy Rolfe Strategic Market Statements An intrusion protection system (IPS) represents a new technology in the early stages of the Hype Cycle, so expect the hype to intensify and disillusionment to follow; it does offer a significant degree of future potential that enterprises should keep abreast of and test on noncritical applications. Even though we went through a lot with the intrusion detection system (IDS) in false positives and performance issues, don't throw them out as they can be useful because of the detail they provide for attack signatures, which can be of forensic and legal benefit. Automated patch management systems are further along than most enterprises are aware and should be reviewed for their primary purpose of ensuring all users stay up to date with the latest patches; automated patch management can provide a methodology for ensuring a new user comes on to the system with the correct security posture to ensure the last defense the patch is there. Publication Date:4 August 2003

2 2 Users and Vendors Speak Out: Intrusion Detection and Prevention Introduction IDS has proved to be of questionable value. At the same time, IPS and automated patch management, although in their infancy, seemingly offer significant potential. Unfortunately, in a parallel, hacker attacks have become more efficient, and the velocity of the propagation of these attacks has increased greatly. Enterprises must simultaneously follow the evolution of these technologies and attacks. (Note: The body of this Perspective reflects the thoughts of users and vendors, not specifically those of Gartner. The users' and vendors' thoughts are from the Gartner IT Security Summit 2003 as part of Sector5 telecommunications and information services users and vendors industry panel discussions.) Intrusion Detection, Response and Prevention IPS is within the early stage of moving up the Gartner Hype Cycle (see "Hype Cycle for Transportation Technologies, 2003," R ), with two to five years before reaching the adoption plateau. IDS is considered obsolete before having reached the adoption plateau. IDS tried to characterize attacks by "malicious signature" (a profile that might indicate trouble). IPS looks at more specifics such as known hacks, protocol violations and abnormal traffic conditions. In some ways, IDS tried to catch everything, failing to do so because of false positives. IPS should be much better at preventing (and not just finding) known hacks and actual violations, but not so good at identifying malicious behavior. IPS is a tool to prevent attacks. If a new attack occurs, a worm may be created to run wild on your system. No patch is available for this. Even with a patch, if you have 100 systems and take 10 person hours per machine to patch, it will cost 1,000 person hours obviously taking too much time. With an accurate reliable signature of the attack, the IPS can peel off trafficasitentersyoursystem. A multimethod approach of doing intrusion detection is required, for example, upfront protocol validation and checking the uniform resource locator (URL) against a set of absolute values from a signature file. Where are users placing the IPS in position to the firewall? Forty percent before, 40 percent after and 20 percent are for dedicated systems (for example, Web farms and hosting facilities). An IPS may stop the problem, but it is not a cure. A patch may be required Gartner, Inc. and/or its Affiliates. All Rights Reserved. 4 August 2003

3 3 Don't Throw Out Your IDS IDS may be a technology that has come and gone or has it? For many users, IDS is considered a waste of money. But then again, the waste may be the result of the people who interpreted the results. In the last few years, we have suffered through a lot with IDS, including a number of false positives and performance issues. However, don't throw out your IDS just yet. IPS may stop an attack, but it does not keep the full "flavor" of the signature. IDS can be useful for forensics and legal reasons. A hacker will use some sort of vulnerability-scanning tool to see what holes you have. Not all hackers are equal; some will leave traces in your IDS logs that can lead to their apprehension. Security Patches and Patch Management No software will be perfect: Security patches will always be a requirement as the last defense. Software has become more complex, with various versions, numerous patches and resulting impacts with other applications. Software has become a living entity. When vendors make new patches and fix a major vulnerability, they also fix five or six unknown or hidden vulnerabilities, effectively complicating the assessment of a new patch. With more enterprises getting on the Web, the speed required to get patches out is becoming a significant issue. Most enterprises don't realize the technology is available for automated patch management. Ninety-nine percent of the people hit with the Slammer virus didn't have a policy in place to manage the existing patch. Some enterprises want their system shipped with security on. Tools are available so that when you plug in a new computer it is automatically updated with the patches you have defined. Patch management systems will become more automated and will include software updates for the firmware in the network hub, routers and switches, handheld devices, and wireless. What's Next? Slammer's Conspiracy Theory The speed of replication of new attacks raises frightening possibilities. Slammer just tried to replicate itself. Seventy thousand hosts were infected in 30 minutes Gartner, Inc. and/or its Affiliates. All Rights Reserved. 4 August 2003

4 4 Users and Vendors Speak Out: Intrusion Detection and Prevention Gartner Dataquest Perspective Slammer may be just the warm-up, as it infected but didn't do anything significant. Its damage could have been much worse: It could have formatted the hard drive. Hackers continue to increase the velocity of the attacks as though they are fine-tuning their exploits, getting the algorithms right, seemingly preparing for the next wave of attacks. Slammer was many times faster than Code Red. The threat of "cyberterrorism" has become much more of a reality. Other Vulnerabilities and Concerns Still more vulnerabilities and concerns exist: Many old hubs, routers and switches are out there running on vulnerable old firmware. Expect to see hackers begin to attack these older systems. In the last couple of years, "denial of service" attacks have become more common and much more expensive. They will persist because of fundamental problems with Transmission Control Protocol (TCP)/Internet Protocol (IP). IPS is a new technology in the early stages of the Gartner Hype Cycle. Expect to see IPS garner more press and more enterprise interest, as conceptually it is a sound idea meeting a real enterprise need. With the hype will follow an overestimation of IPS's capabilities and the resulting slide down the Hype Cycle. The question is, with what velocity will IPS drive through the Hype Cycle? Considering enterprise interest, this velocity may be fairly rapid. It will become a replacement for IDS, but its relationship to IDS may also be a retarding factor, as enterprises are "once burned, twice shy." IPS represents a technology that enterprises should track and, where applicable, a methodology to test on noncritical applications. IDS has ridden the waves of the Hype Cycle and now languishes in the Hype Cycle's Trough of Disillusionment a final resting spot. Don't throw out your existing IDS as it has value from a forensics and legal resource perspective. But equally, don't invest further in the technology. Security attacks are bad enough, but knowing an attack could have been preventedwithanavailablepatchmakesitmuchworse.theformerhas been accepted as a cost of doing business, while the latter has become a legal liability to the enterprise. Patches are the last defense and the final solution. Automated patch management tools can represent a methodology to ensure patches are applied, but also a methodology to ensure new users are up to date before even entering the enterprise network. It will get worse before it gets better. Slammer may be a precursor to the speed of attacks to come, and if the attacks become more vicious (an extra few lines of code), the ramifications could be catastrophic Gartner, Inc. and/or its Affiliates. All Rights Reserved. 4 August 2003

5 Moreover, it will become more complex before it becomes simpler. As networks, hardware and applications become faster, the threat is heightened, and the processing speed required to change from detection to prevention must be faster. The costs of preventing intrusion will become more expensive. 5 Key Issue How are network security concerns impacting enterprise communications networks? 2003 Gartner, Inc. and/or its Affiliates. All Rights Reserved. 4 August 2003

6 6 Users and Vendors Speak Out: Intrusion Detection and Prevention This document has been published to the following Marketplace codes: TELC-WW-DP-0570 For More Information... In North America and Latin America: In Europe, the Middle East and Africa: In Asia/Pacific: In Japan: Worldwide via gartner.com: Entire contents 2003 Gartner, Inc. and/or its Affiliates. All rights reserved. Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice

Midsize Enterprises Lead in Adoption of Payment Outsourcing

Midsize Enterprises Lead in Adoption of Payment Outsourcing Research Brief Midsize Enterprises Lead in Adoption of Payment Outsourcing Abstract: More than one-third of midsize enterprises plan to use payment outsourcing by 2004. New areas of interest include automated

More information

IT Services Opportunities in IP Telephony (Executive Summary) Executive Summary

IT Services Opportunities in IP Telephony (Executive Summary) Executive Summary IT Services Opportunities in IP Telephony (Executive Summary) Executive Summary Publication Date: 12 January 2004 Author Eric Goodness This document has been published to the following Marketplace codes:

More information

North American Call Centers Market Share and Forecast, 2002 (Executive Summary) Executive Summary

North American Call Centers Market Share and Forecast, 2002 (Executive Summary) Executive Summary North American Call Centers Market Share and Forecast, 2002 (Executive Summary) Executive Summary Publication Date: July 11, 2002 Authors Drew Kraus Lily Yu This document has been published to the following

More information

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users

Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users Research Publication Date: 17 October 2006 ID Number: G00144061 Responsible Vulnerability Disclosure: Guidance for Researchers, Vendors and End Users Amrit T. Williams, John Pescatore, Paul E. Proctor

More information

Enterprise Resource Planning Software Market: Europe, 2002 (Executive Summary) Executive Summary

Enterprise Resource Planning Software Market: Europe, 2002 (Executive Summary) Executive Summary Enterprise Resource Planning Software : Europe, 2002 (Executive Summary) Executive Summary Publication Date: 20 August 2003 Authors Fabrizio Biscotti Chris Pang Chad Eschinger This document has been published

More information

Managers Begin to Apply Business Activity Monitoring

Managers Begin to Apply Business Activity Monitoring Research Brief Managers Begin to Apply Business Activity Monitoring Abstract: Managers are not fully using real-time capabilities for decision making; they implement BAM with basic analytic methods instead

More information

How Deal Size Matters in IT Infrastructure Outsourcing (Executive Summary) Executive Summary

How Deal Size Matters in IT Infrastructure Outsourcing (Executive Summary) Executive Summary How Deal Size Matters in IT Infrastructure Outsourcing (Executive Summary) Executive Summary Publication Date: 2 January 2004 Author Bruce M. Caldwell This document has been published to the following

More information

Small and Midsize Business IT Outsourcing Vendor Market Trends, 2003 (Executive Summary) Executive Summary

Small and Midsize Business IT Outsourcing Vendor Market Trends, 2003 (Executive Summary) Executive Summary Small and Midsize Business IT Outsourcing Vendor Market Trends, 2003 (Executive Summary) Executive Summary Publication Date: 15 January 2004 Author Robert H. Brown This document has been published to the

More information

Supply Chain Management Software Market: Europe, 2002 (Executive Summary)

Supply Chain Management Software Market: Europe, 2002 (Executive Summary) Supply Chain Management Software Market: Europe, 2002 (Executive Summary) Executive Summary Marketplace: Publication Date: 28 August 2003 Authors Fabrizio Biscotti Chad Eschinger Chris Pang This document

More information

2002-2003 Web Services Development, North America (Executive Summary) Executive Summary

2002-2003 Web Services Development, North America (Executive Summary) Executive Summary 2002-2003 Web Services Development, North America (Executive Summary) Executive Summary Publication Date: 3 July 2003 Authors Nicole S. Latimer Colleen Graham Joanne M. Correia Norma Schroder This document

More information

Organizations Must Employ Effective Data Security Strategies

Organizations Must Employ Effective Data Security Strategies Research Publication Date: 30 August 2005 ID Number: G00123639 Organizations Must Employ Effective Data Security Strategies Rich Mogull Organizations can best protect data through a hierarchical data security

More information

Predicts 2004: Client-Side Windows Adoption

Predicts 2004: Client-Side Windows Adoption Strategic Planning, M. Silver Research Note 1 December 2003 Predicts 2004: Client-Side Windows Adoption Despite security fixes for NT Workstation v.4, you should focus on migrating to newer platforms and

More information

Managing Security Risks in Modern IT Networks

Managing Security Risks in Modern IT Networks Managing Security Risks in Modern IT Networks White Paper Table of Contents Executive summary... 3 Introduction: networks under siege... 3 How great is the problem?... 3 Spyware: a growing issue... 3 Feeling

More information

Business Process Outsourcing Popularity Grows in SMB Market (Executive Summary) Executive Summary

Business Process Outsourcing Popularity Grows in SMB Market (Executive Summary) Executive Summary Business Process Outsourcing Popularity Grows in SMB Market (Executive Summary) Executive Summary Publication Date: 30 January 2003 Authors Robert H. Brown Mika Yamamoto Krammer This document has been

More information

Managing Vulnerabilities For PCI Compliance

Managing Vulnerabilities For PCI Compliance Managing Vulnerabilities For PCI Compliance Christopher S. Harper Vice President of Technical Services, Secure Enterprise Computing, Inc. June 2012 NOTE CONCERNING INTELLECTUAL PROPERTY AND SOLUTIONS OF

More information

Business Intelligence Software Market: Europe, 2002 (Executive Summary) Executive Summary

Business Intelligence Software Market: Europe, 2002 (Executive Summary) Executive Summary Business Intelligence Software : Europe, 2002 (Executive Summary) Executive Summary Publication Date: 9 January 2004 Authors Fabrizio Biscotti Colleen Graham This document has been published to the following

More information

Outlook for the CRM Software Market: Trends and Forecast (Executive Summary) Executive Summary

Outlook for the CRM Software Market: Trends and Forecast (Executive Summary) Executive Summary Outlook for the CRM Software Market: Trends and Forecast (Executive Summary) Executive Summary Publication Date: October 30, 2002 Authors Thomas Topolinski Chad Eschinger Pranav Kumar This document has

More information

Home Cable Providers Combine Voice, Video, Data

Home Cable Providers Combine Voice, Video, Data Research Brief Home Cable Providers Combine Voice, Video, Data Abstract: Cable service providers are looking to the three-way combination of video, voice, and data to increase revenue. Will this new format

More information

CIO Update: Enterprise Security Moves Toward Intrusion Prevention

CIO Update: Enterprise Security Moves Toward Intrusion Prevention IGG-06042003-03 J. Pescatore, R. Stiennon Article 4 June 2003 CIO Update: Enterprise Security Moves Toward Intrusion Prevention As targeted hacker attacks increase, intrusion prevention is gaining importance

More information

SCADA SYSTEMS AND SECURITY WHITEPAPER

SCADA SYSTEMS AND SECURITY WHITEPAPER SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of

More information

Now Is the Time for Security at the Application Level

Now Is the Time for Security at the Application Level Research Publication Date: 1 December 2005 ID Number: G00127407 Now Is the Time for Security at the Application Level Theresa Lanowitz Applications must be available, useful, reliable, scalable and, now

More information

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering

More information

Software Suites Will Dominate Europe's Call Center Market

Software Suites Will Dominate Europe's Call Center Market Market Analysis Software Suites Will Dominate Europe's Call Center Market Abstract: By 2006, sales of IP-based call centers in Europe will exceed those of TDM systems, but adoption of independent server-based

More information

HIPAA Compliance Hindered by Lagging Vendors

HIPAA Compliance Hindered by Lagging Vendors Markets, M-21-473 W. Rishel Research Note November 3 HIPAA Compliance Hindered by Lagging Vendors Independent software vendors are significant contributors to the delays on HIPAA transactions. Their customers

More information

IT asset management (ITAM) will proliferate in midsize and large companies.

IT asset management (ITAM) will proliferate in midsize and large companies. Research Publication Date: 2 October 2008 ID Number: G00161024 Trends on Better IT Asset Management Peter Wesche New exiting trends will lead to a higher adoption of asset management methodologies. Tighter

More information

New Sales and Marketing Models Required to Sell Business Process Services

New Sales and Marketing Models Required to Sell Business Process Services Research Brief New Sales and Marketing Models Required to Sell Business Process Services Abstract: Numerous internal and external catalysts of change are forcing service providers to continuously reassess

More information

Network Instruments white paper

Network Instruments white paper Network Instruments white paper USING A NETWORK ANALYZER AS A SECURITY TOOL Network Analyzers are designed to watch the network, identify issues and alert administrators of problem scenarios. These features

More information

Highlights of the 2015 CEO Survey: Business Leaders Are Betting on Tech

Highlights of the 2015 CEO Survey: Business Leaders Are Betting on Tech G00274032 Highlights of the 2015 CEO Survey: Business Leaders Are Betting on Tech Published: 10 April 2015 Analyst(s): Mark Raskino Gartner's annual survey reveals CEOs' heightened interest in tech-related

More information

Breach Found. Did It Hurt?

Breach Found. Did It Hurt? ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many

More information

Realize That Big Security Data Is Not Big Security Nor Big Intelligence

Realize That Big Security Data Is Not Big Security Nor Big Intelligence G00245789 Realize That Big Security Data Is Not Big Security Nor Big Intelligence Published: 19 April 2013 Analyst(s): Joseph Feiman Security intelligence's ultimate objective, enterprise protection, is

More information

Organizations Should Implement Web Application Security Scanning

Organizations Should Implement Web Application Security Scanning Research Publication Date: 21 September 2005 ID Number: G00130869 Organizations Should Implement Web Application Security Scanning Amrit T. Williams, Neil MacDonald Web applications are prone to vulnerabilities

More information

What Do You Mean My Cloud Data Isn t Secure?

What Do You Mean My Cloud Data Isn t Secure? Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content Filtering (WCF) for superior

More information

Hierarchy of Needs for Content Networking

Hierarchy of Needs for Content Networking Technology, M. Fabbi Research Note 28 October 2002 Hierarchy of Needs for Content Networking Enterprises should understand the hierarchy of needs for content networking, which is illustrated by examining

More information

Asia/Pacific VoIP: A Change of Heart

Asia/Pacific VoIP: A Change of Heart Asia/Pacific VoIP: A Change of Heart Market Analysis Abstract: Voice over IP, which has been struggling to get off the ground for a long time, is beginning to take off in Asia/Pacific, especially in the

More information

Analyzing Logs For Security Information Event Management

Analyzing Logs For Security Information Event Management ZOHO Corp. Analyzing Logs For Security Information Event Management Whitepaper Notice: ManageEngine shall have no liability for errors, omissions or inadequacies in the information contained herein or

More information

Analyzing Logs For Security Information Event Management

Analyzing Logs For Security Information Event Management ZOHO Corp. Analyzing Logs For Security Information Event Management Whitepaper Notice: ZOHO Corp. shall have no liability for errors, omissions or inadequacies in the information contained herein or for

More information

IQware's Approach to Software and IT security Issues

IQware's Approach to Software and IT security Issues IQware's Approach to Software and IT security Issues The Need for Security Security is essential in business intelligence (BI) systems since they have access to critical and proprietary enterprise information.

More information

Endpoint Security Management

Endpoint Security Management Endpoint Security Management LANDESK SOLUTION BRIEF Protect against security threats, malicious attacks and configuration vulnerabilities through strong endpoint security control and maintenance. Protect

More information

Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products

Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products Research Publication Date: 10 December 2008 ID Number: G00163195 Cost Optimization: Three Steps to Saving Money on Maintenance and Support for Network Security Products Lawrence Orans, Greg Young Most

More information

Analyzing Logs For Security Information Event Management Whitepaper

Analyzing Logs For Security Information Event Management Whitepaper ADVENTNET INC. Analyzing Logs For Security Information Event Management Whitepaper Notice: AdventNet shall have no liability for errors, omissions or inadequacies in the information contained herein or

More information

White Paper. April 2006. Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks

White Paper. April 2006. Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks White Paper April 2006 Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks According to a recent Harris Interactive survey, the country s leading business executives consider

More information

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs

for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs for Critical Infrastructure Protection Supervisory Control and Data Acquisition SCADA SECURITY ADVICE FOR CEOs EXECUTIVE SUMMARY Supervisory Control and Data Acquisition (SCADA) systems are used for remote

More information

What Are Network Security Platforms?

What Are Network Security Platforms? Markets, J. Pescatore, M. Easley, R. Stiennon Research Note 7 November 2002 Network Security Platforms Will Transform Security Markets An integrated network security platform approach will increase network

More information

Analyzing Logs For Security Information Event Management Whitepaper

Analyzing Logs For Security Information Event Management Whitepaper ADVENTNET INC. Analyzing Logs For Security Information Event Management Whitepaper Notice: AdventNet shall have no liability for errors, omissions or inadequacies in the information contained herein or

More information

Research Agenda and Key Issues for Converged Infrastructure, 2006

Research Agenda and Key Issues for Converged Infrastructure, 2006 Research Publication Date: 20 July 2006 ID Number: G00141507 Research Agenda and Key Issues for Converged Infrastructure, 2006 Sylvain Fabre Gartner's research will cover fixed-mobile convergence, the

More information

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC

CHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations

More information

Software Market Definitions for Project Portfolio Management. Gartner Dataquest Guide

Software Market Definitions for Project Portfolio Management. Gartner Dataquest Guide Software Market Definitions for Project Portfolio Management Gartner Dataquest Guide Publication Date: 7 April 2003 GARTNER WORLDWIDE HEADQUARTERS NORTH AMERICA Corporate Headquarters 56 Top Gallant Road

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services Product Highlights Intrusion Prevention System Dectects and prevents known and unknown attacks/ exploits/vulnerabilities, preventing outbreaks and keeping your network safe. Gateway Anti Virus Protection

More information

How to Develop an Effective Vulnerability Management Process

How to Develop an Effective Vulnerability Management Process Research Publication Date: 1 March 2005 ID Number: G00124126 How to Develop an Effective Vulnerability Management Process Mark Nicolett IT organizations should develop vulnerability management processes

More information

Towards End-to-End Security

Towards End-to-End Security Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu

More information

Cisco IPS Tuning Overview

Cisco IPS Tuning Overview Cisco IPS Tuning Overview Overview Increasingly sophisticated attacks on business networks can impede business productivity, obstruct access to applications and resources, and significantly disrupt communications.

More information

IP Centrex and IP Telephony Offer Different Capabilities

IP Centrex and IP Telephony Offer Different Capabilities Competitive Analysis IP Centrex and IP Telephony Offer Different Capabilities Abstract: As IP Centrex and hosted IP telephony services become more mainstream, organizations must assess which solution is

More information

Symantec Security Information Manager 4.8 Release Notes

Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes Symantec Security Information Manager 4.8 Release Notes The software described in this book is furnished under a license agreement and may be used

More information

Managed Security Services

Managed Security Services Managed Security Services 1 Table of Contents Possible Security Threats 3 ZSL s Security Services Model 4 Managed Security 4 Monitored Security 5 Self- Service Security 5 Professional Services 5 ZSL s

More information

Top 5 Essential Log Reports

Top 5 Essential Log Reports Top 5 Essential Log Reports Version 1.0 Contributors: Chris Brenton - Independent Security Consultant - chris@chrisbrenton.org Tina Bird, Security Architect, PGP Corporation Marcus J Ranum, CSO, Tenable

More information

Intrusion Detection. Tianen Liu. May 22, 2003. paper will look at different kinds of intrusion detection systems, different ways of

Intrusion Detection. Tianen Liu. May 22, 2003. paper will look at different kinds of intrusion detection systems, different ways of Intrusion Detection Tianen Liu May 22, 2003 I. Abstract Computers are vulnerable to many threats. Hackers and unauthorized users can compromise systems. Viruses, worms, and other kinds of harmful code

More information

Notebook Market Predictions, 2003

Notebook Market Predictions, 2003 Notebook Market Predictions, 2003 Dataquest Predicts Abstract: Microprocessor churn, a disappointing Tablet PC introduction, increasing wireless hot spots and wireless interfaces plus higher memory and

More information

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Research Publication Date: 15 March 2011 ID Number: G00210952 Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Tim Zimmerman Enterprises must

More information

1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5

1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5 KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform

More information

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS Software Engineering 4C03 Class Project Computer Networks and Computer Security COMBATING HACKERS Done By: Ratinder Ricky Gill Student Number: 0048973 E-Mail: gillrr@mcmaster.ca Due: Tuesday April 5, 2005

More information

Business Intelligence: The European Perspective

Business Intelligence: The European Perspective Markets, F. Buytendijk Research Note 5 November 2002 Business Intelligence: The European Perspective When choosing business intelligence products, European users are not that different from North American

More information

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats

Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats 1 of 2 November, 2004 Choose Your Weapon: Fighting the Battle against Zero-Day Virus Threats Choose Your Weapon: Fighting the Battle

More information

Don't Pay to Support CRM 'Shelfware'

Don't Pay to Support CRM 'Shelfware' Tactical Guidelines, J. Disbrow Research Note 3 May 2003 Don't Pay to Support CRM 'Shelfware' Enterprises license customer relationship management solutions that are often never totally deployed. Software

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

RTEs Must Anticipate New Network Demands

RTEs Must Anticipate New Network Demands Strategic Planning, W. Clark Research Note 13 March 2003 RTEs Must Anticipate New Network Demands Real-time enterprise requirements will change key characteristics of network traffic as usage patterns

More information

E-Guide. Sponsored By:

E-Guide. Sponsored By: E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal

More information

case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME:

case study Core Security Technologies Summary Introductory Overview ORGANIZATION: PROJECT NAME: The Computerworld Honors Program Summary developed the first comprehensive penetration testing product for accurately identifying and exploiting specific network vulnerabilities. Until recently, organizations

More information

Second-generation (GenII) honeypots

Second-generation (GenII) honeypots Second-generation (GenII) honeypots Bojan Zdrnja CompSci 725, University of Auckland, Oct 2004. b.zdrnja@auckland.ac.nz Abstract Honeypots are security resources which trap malicious activities, so they

More information

WEB ATTACKS AND COUNTERMEASURES

WEB ATTACKS AND COUNTERMEASURES WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in

More information

What Makes A Good Hosting

What Makes A Good Hosting What Makes A Good Hosting Provider? Tiny Haynes Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without Gartner's

More information

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know I n t r o d u c t i o n Until the late 1990s, network security threats were predominantly written by programmers seeking notoriety,

More information

Prediction 2003: CRM Software Market Faces Tough Times

Prediction 2003: CRM Software Market Faces Tough Times Dataquest Predicts Prediction 2003: CRM Software Market Faces Tough Times Abstract: The customer relationship management software market falls from its pinnacle, and downward license revenue challenges

More information

CLOUD CLIENTS AND VIRTUAL CLIENTS

CLOUD CLIENTS AND VIRTUAL CLIENTS CLOUD CLIENTS AND VIRTUAL CLIENTS The Transformation of Virtual Desktops Through Mobility and Cloud Computing Over the past three years, the technology we used to know as virtual desktop infrastructure

More information

Intelligent Infrastructure & Security

Intelligent Infrastructure & Security SYSTIMAX Solutions Intelligent Infrastructure & Security Using an Internet Protocol Architecture for Security Applications White Paper July 2009 www.commscope.com Contents I. Intelligent Building Infrastructure

More information

Gartner Updates Its Definition of IT Infrastructure Utility

Gartner Updates Its Definition of IT Infrastructure Utility Research Publication Date: 23 April 2004 ID Number: M-22-2393 Gartner Updates Its Definition of IT Infrastructure Utility Claudio Da Rold Our new definition of IT infrastructure utility clears away some

More information

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in

Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Reprinted & Distributed By Permission of Gartner, Inc. KUSA Publication Date: 15 March 2011 Clients That Don't Segment Their Network Infrastructure Will Have Higher Costs and Increased Vendor Lock-in Tim

More information

Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization

Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization Neil MacDonald VP and Gartner Fellow Gartner Information Security, Privacy and Risk Research Twitter @nmacdona

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

The Truth about False Positives

The Truth about False Positives An ISS Technical White Paper The Truth about False Positives 6303 Barfield Road Atlanta, GA 30328 Tel: 404.236.2600 Fax: 404.236.2626 Overview In the security industry, many security analysts remark that

More information

WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT

WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT WHITE PAPER PROCESS CONTROL NETWORK SECURITY: INTRUSION PREVENTION IN A CONTROL SYSTEMS ENVIRONMENT WHAT S INSIDE: 1. GENERAL INFORMATION 1 2. EXECUTIVE SUMMARY 1 3. BACKGROUND 2 4. QUESTIONS FOR CONSIDERATION

More information

Cisco & Big Data Security

Cisco & Big Data Security Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that

More information

Taxonomy of Intrusion Detection System

Taxonomy of Intrusion Detection System Taxonomy of Intrusion Detection System Monika Sharma, Sumit Sharma Abstract During the past years, security of computer networks has become main stream in most of everyone's lives. Nowadays as the use

More information

The 2014 Next Generation Firewall Challenge

The 2014 Next Generation Firewall Challenge Network World and Robin Layland present The 2014 Next Generation Firewall Challenge Guide to Understanding and Choosing a Next Generation Firewall to Combat Today's Threats 2014 The 2014 Next Generation

More information

What is Really Needed to Secure the Internet of Things?

What is Really Needed to Secure the Internet of Things? What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices

More information

Agenda Overview for Social Marketing, 2015

Agenda Overview for Social Marketing, 2015 G00270737 Agenda Overview for Social Marketing, 2015 Published: 19 December 2014 Analyst(s): Julie Hopkins Social marketing programs are maturing; executives increasingly expect ROI to follow social marketing

More information

Best Practices Top 10: Keep your e-marketing safe from threats

Best Practices Top 10: Keep your e-marketing safe from threats Best Practices Top 10: Keep your e-marketing safe from threats Months of work on a marketing campaign can go down the drain in a matter of minutes thanks to an unforeseen vulnerability on your campaign

More information

Intelligent. Data Sheet

Intelligent. Data Sheet Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business

More information

THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI

THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI THE BUSINESS CASE FOR NETWORK SECURITY: ADVOCACY, GOVERNANCE, AND ROI Introduction. I. VULNERABILITIES AND TECHNOLOGIES. 1. Hackers and Threats. Contending with Vulnerability Realizing Value in Security

More information

Extreme Networks Security Analytics G2 Vulnerability Manager

Extreme Networks Security Analytics G2 Vulnerability Manager DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering

More information

An Oracle White Paper December 2013. The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks

An Oracle White Paper December 2013. The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks An Oracle White Paper December 2013 The Value of Diameter Signaling in Security and Interworking Between 3G and LTE Networks Introduction Today s mobile networks are no longer limited to voice calls. With

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Network Intrusion Prevention Systems Justification and ROI

Network Intrusion Prevention Systems Justification and ROI White Paper October 2004 McAfee Protection-in-Depth Strategy Network Intrusion Prevention Systems 2 Table of Contents Are My Critical Data Safe? 3 The Effects and Results of an Intrusion 3 Why the Demand

More information

ABB s approach concerning IS Security for Automation Systems

ABB s approach concerning IS Security for Automation Systems ABB s approach concerning IS Security for Automation Systems Copyright 2006 ABB. All rights reserved. Stefan Kubik stefan.kubik@de.abb.com The problem Most manufacturing facilities are more connected (and

More information

Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost

Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost y Cloud-Client Enterprise Security Impact Report Increased Protection at a Lower Cost An Osterman Research White Paper Published January 2009 SPONSORED BY onsored by Phone: +1 877-21-TREND www.trendmicro.com/go/smartprotection

More information

Reducing Application Vulnerabilities by Security Engineering

Reducing Application Vulnerabilities by Security Engineering Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information

More information

INSIDE. Malicious Threats of Peer-to-Peer Networking

INSIDE. Malicious Threats of Peer-to-Peer Networking Symantec Security Response WHITE PAPER Malicious Threats of Peer-to-Peer Networking by Eric Chien, Symantec Security Response INSIDE Background Protocols New Vector of Delivery Malicious Uses of Peer-to-Peer

More information

IDS or IPS? Pocket E-Guide

IDS or IPS? Pocket E-Guide Pocket E-Guide IDS or IPS? Differences and benefits of intrusion detection and prevention systems Deciding between intrusion detection systems (IDS) and intrusion prevention systems (IPS) is a particularly

More information