Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

 
NetNews
N E W S / A N A L Y S I S  


Security Alerts for the Rest of Us

  February 6, 2003
  By Mike Fratto


TOC Issue TOC
Printer Print full article
E-Mail E-Mail this URL
Discuss Discuss this article
flame author Flame the author

I hate reading vulnerability bulletins. Talk about dense material. I sometimes find it difficult to follow explanations about systems I understand well, let alone those about systems I use but don't fully understand.

And I know I'm not alone. Network administrators who aren't immersed in security are just as disadvantaged.

Discuss Join other NWC readers in discussing this article.
The responsibility to issue easily understandable alerts lies with vendors. Not every product user is an expert, but all users need to be aware of security problems so they can take corrective action. This will be difficult, but not impossible. Last November, for instance, Microsoft began issuing separate alerts for technical and nontechnical people. This is a step in the right direction, and I can only hope other vendors follow suit. But you can't leave everything to the vendors.

Nearly all vendors and a few security researchers offer some sort of rating for new vulnerabilities. Although the ratings indicate how serious the author thinks the vulnerability is, you or someone in your organization will have to make that determination once the impact on your network is understood. This may sound obvious, but a threat to your DNS involving spoofing may seem low grade until you realize exactly how much trust we place in an untrustworthy system.


Best of the Web

Data deduplication: Declawing the clones

Data deduplication is emerging as a critically important new arrow in the storage administrator's quiver to answer hard questions about the increasing problem in storage growth costs.

Quick Read

Compression, Encryption, Deduplication, and Replication: Strange Bedfellows

One of the great ironies of storage technology is the inverse relationship between efficiency and security: Adding performance or reducing storage requirements almost always results in reducing the confidentiality, integrity, or availability of a system.

Quick Read

WAN Optimization Whitelists and Blacklists

Optimization is a fantastic way of saving money and creating really happy customers at the same time, but it doesn't work flawlessly for all applications.

Quick Read

WAN Optimization as a Managed Service: It's Not About the Cost

This insight examines how organizations outsourcing their WAN optimization initiatives to a third-party go about achieving their goals for application performance, reducing operational costs, and streamlining enterprise infrastructure.

Quick Read

  Sponsored Links

Premium Content

Next Generation Data Center, Delivered, November 17th
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll