Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Host-Based Protection Protects Servers

For the past several years, we've called for a shift from perimeter to asset-based security. We began making that case in 2001 ("No Desktop Is an Island,") and strengthened it in 2003 ("Secure to the Core,").

Perimeter-based security fails because there is no longer a clearly defined perimeter. Wireless networks, remote users, encrypted communications, Web services, corporate spies, disgruntled employees, bribed administrators and socially engineered victims have seen to that.

That's not to say we advocate ripping out firewalls and gateway-content inspectors--layered defense is a fundamental tenet of information security. However, insider attacks can dwarf the damage done by outsiders.

Make the last lines of defense--the endpoints--your strongest. And be proactive. This is where HIP (host intrusion prevention) comes into play. By giving a program or user only limited access to the operating system, HIP products restrict the availability of functions like read, write and execute, as well as protect system resources like ports, files and registry keys.

One downfall of the major operating systems deployed today is that the root or administrator user has too much power. If attackers can exploit a process that runs as the administrator account, or can gain access as a super user, they'll have free rein over the entire system.

  • 1