Network Computingwww.networkcomputing.com

Get Your Shields Up!

Posted by George V. Hulme
October 11, 2004

Tags: American Electric Power, Blaster, Check Point Software, Cisco Security Agent, Determina, Entercept, George V. Hulme, Internet Security Systems, Intruvert, Juniper Networks, McAfee, Okena, OneSecure, Platform Logic, Proventia, SQL, SQL Slammer, Sana Security, Symantec, TippingPoint, Witty, anti spam, defensive signatures, firewall, hackers, intrusion detection, intrusion prevention, myDoom, security, unauthorized access, virus, worms, Administration, Anti-spam, Antivirus, Application Security, Authentication, Client/Server Protection, Company Privacy Policies, Compliance and Policy Management, Customer Privacy, Data Networking & Management, Data Protection, Data Security, E-discovery, Firewalls, Governmental Security Issues, Intrusion Detection and Prevention, Network Security, Other, Privacy, Regulatory and New Legislation, Security Collaboration, Security Hardware, Security Policies and Management, Security Service Providers, Security and Privacy, Software Security Patching, Software and Hardware Vulnerabilities, Technology and Best Practices, Threats and Attacks, Trojan Protection, Vulnerability Assessment and Management, antivirus

Channel: Other, Networking & Mgmt, Data Protection, E-discovery

Though many companies now use antivirus software, intrusion-detection systems, and firewalls, hackers and worms still infiltrate business-technology systems and cause serious damage. Attacks such as Blaster, MyDoom, and Witty cost businesses more than $10 billion annually.

To combat the growing problem, security professionals are in search of better protection. They need more-intelligent shields that can fend off new attacks as they happen, rather than relying on signatures--tiny snapshots of code used to spot and block attacks--published by security vendors only after attacks are under way.

Intrusion-prevention systems may be the protection companies are looking for. Unlike conventional antivirus, firewall, and intrusion-detection systems, these proactive tools are designed to protect vulnerable computers and thwart unforeseen attack methods.

New intrusion-prevention systems are better able to stop attacks, Michael Assante, VP and chief security officer of American Electric Power says.

That's important, especially since attacks are getting too fast for reactive security tools. Consider this: When the SQL Slammer worm hit the Internet in January 2003, it attacked a 6-month-old vulnerability in Microsoft SQL Server. But in March of this year, the Witty worm struck a buffer-overflow vulnerability only one day after the flaw was found in various Internet Security System Inc. products. Security professionals are even more concerned about so-called "zero-day" attacks, those against software vulnerabilities that have no patches or defensive signatures because they haven't yet been publicly disclosed.

Related Reading

More Insights