Here's the big chicken-and-egg problem of IT security: Traditional intrusion-and-prevention systems rely on a virus signature to identify the attack, but what do you do if you have been targeted by a new, unknown virus whose signature is not yet known? (See Security Approaches Day Zero.)
Increasingly, security vendors are launching products that target the initial effects of an attack, rather than the virus signature. This could be, for example, a PC that suddenly starts sending out thousands of emails after being infected by a virus. Known as "zero day" technologies, these products can then isolate the rogue device before other machines are infected.
Paul Proctor, vice president of analyst firm Meta Group Inc., says that the market for these types of product is turning into an "arms race," with vendors increasingly looking to add new capabilities.
This week, after three years in the research lab, California vendor eEye Digital Security became the latest firm to enter the zero-day fray. The company's new "Blink" product works by installing a software agent on devices such as laptops, PCs, and servers (see eEye Launches Blink).
The agents, which are managed from a central point in the data center, use a network firewall to prevent unauthorized programs from running on the device. They can also control unauthorized connectivity from other devices and detect non-compliance with security policies, according to the vendor.