It seems that the world of information technology and information security is pursuing a path to harmony and cooperation. The current buzz word is “unity”. We have unified communications- converging IP networking, email, voicemail, voice communications, and instant messaging to provide an integrated communications framework. Another area of unity is in threat management. Traditionally, organizations have a variety of separate security devices and applications. They may have a firewall appliance at the perimeter, with some sort of IDS or IPS appliance between the firewall and the network. They may have an antimalware appliance, or have some antimalware software installed on email gateway servers. Perhaps, they even have an antispam appliance or application. Continued »
Intrusion detection, despite being declared dead by a Gartner analyst in 2003, remains alive and kicking in 2007…almost 2008. Actually, not only is it still around and being used in various forms by many organizations, it is actually mandated by some security regulations and standards. In this Computerworld article, Dr. Anton Chuvakin takes a look at the state of intrusion detection as it relates to security compliance. Exploring FISMA, HIPAA, and PCI DSS, Chuvakin spells out the intrusion detection requirements of each. Where things get tricky, or sticky, for some organizations is where the standards and regulations meet. Organizations that fall under HIPAA, and SOX, and PCI DSS, etc. have to compare and contrast the requirements to make sure the security they implement meets all requirements simultaneously and that there are no overt conflicts. Check out Intrusion Detection in the Age of Compliance for more information.
One of the main components of networking is the router. Without the “router”, the traffic would not be “routed” to its intended destination (duh!). That also means that the router is in a prime position to act as a gatekeeper to help protect the network. By defining and implementing Access Controls Lists (ACL’s), you can manage what IP addresses are allowed to communicate in or out of the network, and on what ports the communication is allowed. Using ACL’s, you can control Continued »
It seems like security breaches and data compromise are almost a daily occurrence now. From the stolen VA laptop, to the massive breach of customer trust and network security at TJX, to the more recent data compromise incidents at Monster.com and TD Ameritrade, it is hard to imagine that there is anyone left who hasn’t had their personal and financial information stolen. Continued »
A group of hardware and software manufacturers, including Microsoft, Intel, and HP, have formed the USB 3.0 Promoter Group. The mission of the group is to coordinate development of the next-generation USB standard, USB 3.0. Their goal is to boost USB performance about 10 times over the existing USB 2.0 speeds. The target for finalizing the USB 3.0 standard is the first half of 2008, but don’t expect to see USB 3.0 compliant devices on the market until at least the end of 2009. This Computerworld.com article details more about the group’s efforts.
According to a recent report from Burton Group Senior Analyst Paul DeBeasi, the end of wired Ethernet networking is at hand. Comparing the features and functionality of the latest standards- 802.11n wireless vs. wired Gigabit Ethernet- DeBeasi concludes that the benefits of an 802.11n network will establish it as the default network type and chip away at the dominance of wired networks over the next few years. You can read more about the report in this Computerworld.com article.
IPv6, the next generation IP protocol which is replacing the current IPv4 (not sure what happened to IPv5) has not taken off quite the way it had been anticipated. Still, the standard is being rolled out more and more, if by nothing more than attrition, and organizations need next generation tools to handle the next generation protocol. Storage vendor EMC has rolled out just such a tool. Their Smart IPv6 Availability Manager provides discovery, mapping, monitoring and root-cause analysis of problems for IPv6 networks, and is also backward compatible with IPv4 networks or networks that mix both IPv4 and IPv6. For more details about this IPv6 tool, check out this Computerworld.com article.
When it comes to network security, the perimeter has traditionally been the primary defense. Organizations have invested a significant amount of time, money and resources into firewalls and other perimeter security technologies aimed at keeping unauthorized network traffic outside and sensitive company information inside. Lately, there have been a lot of pundits and analysts stating that the perimeter is dead. In this SearchSecurity article, Mike Chapple declares the obituary of the perimeter both premature and wreckless. Continued »
Less than a month ago, Microsoft CEO Steve Ballmer and Cisco CEO John Chambers held a joint press conference announcing their intent to cooperate and collaborate more in a team effort to bring to market the kinds of unified communication technologies that consumers and enterprises need. Apparently they still have some work to do on being “team players” and sharing the sandbox nicely with each other. Continued »
Ages of folk wisdom suggest that if something “ain’t broke, don’t fix it”. In many cases, this logic makes sense. If a system or process is working just fine the way it is, you don’t want to invest the limited resources you have in improving or altering it when you have actual broken things to fix. That may not be the case with network issues. Well, sort of. A study done by NetScout Systems which is discussed in this SearchNetworking.com article suggests that organizations need to be more proactive about identifying and resolving network issues before they become issues that cause user complaints or Continued »