Upcoming Events

Cloud Connect
Santa Clara
Feb 13-16, 2012

Cloud Connect brings together the entire cloud eco-system to better understand the transformation we're experiencing and promises to be the defining event of the cloud computing industry. Learn about the latest cloud technologies and platforms from thought leaders in Cloud Connect’s comprehensive conference.

Register Now!

F E A T U R E

Ever-Present Security Concerns Spur Market Growth

May 1, 2003
By Mike Fratto

	Issue TOC
	Print full article
	Print this page
	Download as PDF
	E-Mail this URL
	Discuss this article
	Flame the author

	In this article
	Introduction
	Categories and Winners
	Security Product of the Year
	Web Links

Fear of cyberterrorism, new regulations like HIPAA and a rash of well-publicized network vulnerabilities have moved security to the top of many organizations' agendas: Forty percent of nearly 1,000 IT managers surveyed by IDC rated security their highest priority. And IDC predicts security spending will grow from $66 billion in 2001 to $155 billion in 2006. Lots of vendors are angling for a slice of this pie, so if there isn't a piece of hardware or software out there yet to solve your problem, just wait a minute.

Two key areas to watch are automated attack blocking and endpoint protection.

• Automated attack blocking: IDSs and firewall integration were the forerunners of this product field, which is putting an emphasis on NIP (network intrusion prevention). The only way NIP will succeed is if intrusion detection increases in accuracy. Blocking authorized traffic hinders business processes while allowing malicious traffic keeps your network vulnerable. Vendors are trying to increase accuracy by blending multiple detection methods--such as signature and traffic-anomaly detection. Thorough testing of the accuracy of the IDS component is required prior to enabling automatic blocking. NIP products can act as high-speed, high-performance IDSs, so they can pay off even if you're skeptical about intrusion prevention.

Application firewalls can raise the network protection bar, too, though you'll pay a price in performance because of the extra processing required to delve deeper into the application protocol. We have found, however, that many application proxies can break the 100-Mbps barrier, making them suitable for internal firewalls in addition to their conventional placement at the perimeter, with minimal degradation.


		• Introduction • Security • Network & Systems Management • Mobile & Wireless • Digital Convergence • Business Applications • Infrastructure • Storage • View out On-Demand Webcast of the WCA. Ceremony. • Best of Interop On-Site Awards

• Endpoint protection: Much attention has been focused on pushing protection not just to the edge but inward, toward internal resources, and rightly so (see "Secure to the Core," at www.nwc.com/1401/ 1401f1.html). Guarding typical ingress and egress points is not enough. You need to deploy protection where the vulnerabilities reside--on the host. HIP (host intrusion prevention) is one way to ensure that applications access only those host resources that are required; they do this by capturing requests or modifying system calls for resources, such as files and network access. Because many attacks force an application to access unnecessary services, HIP products are well-situated to block attacks against the operating system--if the requesting application is denied access to resources at the kernel, attacks against the operating system are stopped in their tracks.

Finally, application-level attacks, such as those targeting Web applications, can be stymied by protocol-specific products, and desktop firewalls add a layer of protection by inspecting all the data that enters or leaves the machine and regulating network access for PCs and applications. Mobile users are particularly prime candidates for this type of protection; while desktop firewalls are not foolproof, they do block inbound network access and can regulate which applications have outbound access, further challenging potential attackers.