Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


AT&T Wants You to Float Your Security Off into a Cloud



 By: Lisa Vaas
2007-03-15
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


  Table of Contents:
  1. AT&T Wants You to Float Your Security Off into a Cloud
  2. ' Audience Reaction '

Rate This Article:
Poor Best
AT&T Wants You to Float Your Security Off into a Cloud
( Page 1 of 2 )

Reporter's Notebook: Edward G. Amoroso, chief security officer for AT&T, suggests ways companies can take a proactive approach to network security.NEW YORK—Edward G. Amoroso, chief security officer for AT&T, says most of us have no business running a network.

Businesses infrastructures have allowed complexity to spread like a cancer, he says, and most times we simply dont know whats going out or coming in.

"We have a service where we send out advanced notice that attacks are on the way to customers," he said.

"Well say, [Check out] UDP 1712, somethings brewing. Looks like a worm is coming. And they say, Oh. We ask, You got anything coming in? Anything going out? They say, I dunno. Most companies answer is We have no clue. Or We have no budget, or Not enough people, or this or that, or My department doesnt do that.

"And you say, you shouldnt be running a network. If you cant monitor and understand goesintas and goesouttas of your network, you shouldnt be running a network."

This was all during Amorosos keynote speech, titled "From Reactive to Proactive: The Case for Cloud-Based IP Security," at Ziff Davis Enterprises Security Summit 2007 here on March 14.

Amoroso is calling for a stop to the cycle of network attacks, followed by network fixes, followed by attacks on those fixes, and on and on.

"The whole thing has gotten kind of ridiculous," he said. "Somethings not in balance when were spending [as much on security as we spend on the initial technology]."

Resource Library:
At the heart of the problem are three issues, he said. First, the state of software engineering now is in "an abysmal mode."

"Its absolutely embarrassing. … Its like gangrene was treated [before modern surgery], when they gave you a shot of whiskey and tied you down and hacked off the arm. Contrast that with how we treat it today, with surgery. Where were at with software engineering" is the pre-surgery days, he said.

The second issue to Amorosos mind is that system administration is also in "an abysmal state."

Click here to read more about AT&Ts efforts to boost its managed security services.

Amoroso was referring to what people do in their homes, not at work, with ISPs delivering attacks to our laptops and not lifting a finger to stop them.

"Right now the situation is we dont look at anything, we dont touch it, dont sniff it. We pass it along, truck bombs and all," he said. Then again, who wants their ISP sniffing around at their surfing habits? Amoroso said.

"The majority of Internet traffic and queries may be something you dont necessarily want your carrier to be logging about you," he said.

Still, its too difficult to administer a computer in 2007, he said. Look at Vista with its vast lines of code: features keep going in, but nothing ever seems to come out of operating systems and other software.

"The less software you run, the better off you are," he said. "Look at Unix: Its bare bones, simple switching. The core fabric is pretty simple. That stuff is still running, 40 years later. There have been a couple of problems in 40 years—and that sounds about right, thats what it should be. How come we cant do that?"

The answer, of course, is that Unix wasnt written to make money off of, Amoroso said. But its that urge to shorten time to market, to get new technology into business and consumers hands fast, thats causing the industrys lackluster record on product security, he said.

"All this discussion around security, were talking about the wrong thing," he said. "We should be talking about the correctness in software. Its the bugs that are the problem, not the scaffolding you build around [things like kernels]."

Meanwhile, ISPs like AT&T are sitting back and watching the problems roll in like black clouds on the horizon, Amoroso said. They know the graphs of IP backbone traffic like the back of their hand.

One example is Super Bowl Sunday: ISPs can chart the traffic dropoff as soon as the game comes on. At half-time, ISPs see a partial traffic recovery as fans check scores and stats on their computers, and traffic rebounds after the game is over.

That intimate knowledge of IP traffic can be translated into malware awareness. In this day and age, Amoroso said, AT&T is seeing some 10 million PCs every day that are actively exhibiting scanning behavior. Do businesses recognize it? No, Amoroso said, and yet we still persist in recognizing exploits as an enterprise problem and tell businesses to shut off port 25.

Obviously, things have got to change, Amoroso said. "We need to redefine our relationship. We have a broken relationship between carrier and end user."

What AT&T sees first-hand are the class signatures of a worm: A patch is applied, an exploit is revealed, a slight ramp-up of traffic sounds a warning, and then the worm is off and running, causing IP traffic to soar off the charts as its infection rate explodes.

"Its predictable and synchronous," Amoroso said. "Post day zero, you have a code snippet, you see the [activity on the Internet become] more rapid, it spikes, you see fizzled [worm] tests, it ramps up, [it gains] volume, [it exhibits] varying strength, [and then you see worm] variants."

And much as wed like to pat ourselves on the back when we miss getting infected, it all amounts to Russian roulette, he said.

"Its [techie peoples] little secret: When youre not hit, [your supervisor] says Good job, and you say, Thank you, were a vigilant group. We took proactive vigilance steps, not like those chuckleheads in that bank across the street," he said. But next time, he said, youll be the chuckleheads.

Meanwhile, enterprises own and operate and pay for a legion of technologies in their demilitarized zones.

"Something does not smell right about this," Amoroso said. "You watch revenue decreases in telecom, but do you feel like youre spending less in this? Of course not. Its not that theres this big giant hacking problem. Its that, architecturally, things are out of whack."

Offload it all to your carrier, put the DMZ into the cloud, and what do the hard numbers look like? Amoroso said that AT&Ts statistics on the reduction of software licensing fees that would result from putting security into the cloud—for example, into the hands of your carrier—brings about a reduction of 35 percent of what businesses formerly spent on protecting the perimeter.

Next Page: Audience reaction.





  Reader Comments: AT&T Wants You to Float Your Security Off into a Cloud
>>> Be the FIRST to comment on this article!
 


 
 
>>> More Network Security & Hardware Articles          >>> More By Lisa Vaas
 


x}r㶲s\@♵MR%heyY{MT(S$IVreoВ/㩱%lh|GgoD0 8ܢd;|9|@D%SjNAM3g{ھl es_gp,mg h{=Dm@~5; r!&>֥qȏ} c1 [tV;v oT| pfL&;=a>"E%k4ًʏqGOw0{/<Pcw̪0}Gdh9[P;Uyah/@Zj#\Dȁ{4ɿT՝ D=TV,w2*-&{1ҡc)u 9%Tը>3-u@|ݖ|cXulAzf@h ɠEuL_CԿ($fʀ [8#/nyy,\t ̿{׳C}t;mgE-"GlRۆؼ?0}$OLErؗ#Y֍A,sti cM-*R<<Mp}˴&2͏ϷZ/sjvz9([pnKVa*:ӫn{';yX} Vb}" @D%\.gI"0iMmdڽ~H}AFI?j|%rX<,hv$(I-bv=ӧH0Cƌ^8rrn򳩥uo]]^{-o~8jΐ|bP+Mz(#1hؕ3Fz3G_/:nΚ7ϗ7fGκWٺnzH GlH  Wh6 -N/7#?!"w󁭡<0Mߑҡ~Fb=lio]~:9o$7SYn_s`HmDi[ܺȑ\ yǛ+a(7F`XӀ7? iP2\ 8X@.@ש#07ۯzxxf-Mn "dh|]w)P3Z$j923=Pr5&Sk~$M cb.L2o2|)m̗U/d`(AK/g- 5t*軤(If0;A0<^f/_\RG 1 p1S{n2.sd>U<8yvwܬu"*մ[fhEށؓYtjeOVxǫ #KEHYf7-wI09ꨦUʇ+%YEPU _1q-~~j0B m]& :V}y0`h vz?3Ϩagnۉ!9~tDAG66^lzK裩IXn`vtHoqp{4ڭ-%H_ >< ZN;=H:}m`95$'CMߟs#09w ښA<QС4}a hp.ppyY?90d} w,߃9#z[MKx GRN\QoDM2(%E2 EEKi@( $hO`r,lbo(?LHX-VpDJm'8Ν3PKRX){TKh+K@f:34YIJMGѺń(VFNDl0Vf)J|z[.z8 9r!M5kb$`CfO Д /kb*q (tzS\O Όō$ЊOW}?ٲZdY6(V7v/KT:߮LR[k 2LZԵ1 E$$BY`}.eGQHīd - &m;@=pl=5Ǡ}nP jrAjS#4E:,Wfn  (!r?-j(6 /3XSq;hzE;zu@nztqӱ3 m0TNǟG(a!w1JkX$ M=̔:Y[ ~2.|N +e@m\:b暺8쟯, {guaWhHssսT:㼝 cXA\ DrAab D$T `nR@:kRUԓxZC@^~~ J%$mtX2H=:{>Q7Ϗ9(ghW9d*'HR-ʪZJ _=>2z4Ebw8pc}y __ PݩM?? L0,}VAL}6݁ /r/,|rqZELYvO`s!AvЎ@'OeCTJb!<,`((*H30=: ͼz<_&?!AG5"耰!({3E6(1&o;@+ jZS~I1H%[S'sGťRC] 4}j-dqMU*Ղʾ_Zv+^> ) Lu0Ȑ%=Gl5ThnO.1Um$R*lCĮ01^*==@7_ -ʦ~g˦ՆgayϤNx-_N>0%Zȓ3;pi-uQB< 6|o D >RWo鸙 ĨhyUM+%Fےf038҃ϣ epv=[9,3?{談*dy{ zЭt;'vܶ RD71PUL xg4sfDcK6VNL&vxm"Y;"N_ ̽~ja9p驔rgPWtq͑/sOITz[VUe@5yH3k 9 =EЋqc<UL:خOl8oy U8e3 S`e3˕2~g^`. JU-~ tɝxAcEi\ihkc򑤏}ʧBDuQT5o UbPQKJBЛgaC.͂FNpi-EBSkps!p B0_ \PFͧ.^ʇl`\ASf<^ΐےtK3ק~ 6Ft)7 u獋 -r/鉚ƲRA3?0T OM= hQˤ̓G\\7h#tDSwgtcć)5sC\Դ"Hw ضRs'D:aqC` H\}PKdQ"Y @rrjT + ePxt|{W !&6ǷWXOdK!M$DDOCVgX& 21ǟM1Ή{}VU'&/!(0H_dpm;dU]uv'hEw%]w7f)hl{ї#dd˙]P^6{銿F>;o"$rӸz߾_>wQcr޾hI^KΓ!w"yKrBë=Uxi)qm2XG42p\8`&ziR_KٺĂKӜ$"j?N3$nx0GSkޚ8 V`!旁wPH2>(_1aXHT dDݻeޞ,Hq=Ym@ybZӽK3%ƗHã ,-WI+4$/EiA0ۧPR#A[dqP>XkI)j[UH*?vƇ!qbwy~@0GW|ȫb~]ȩzxXuwfܣmDi:n{GQ =dZnO8Z𿲜\ta_}`|;=sF'5\{ v,QM xql}HK,a43q=vbϓ{~\[("Ξe氎cnW gt!&HK.}8﷮HsarJs ނ3Q 6j 2'|b5o14L,*z>;l-3hL Z;xhor:? G OFx՛3\P`-ݺܭ1J "i#ĠHߙsrEs _5 4:ar*|"ZyVaoE[ά1!Ifm1ZP|9ߎ93{K4j Z*2kp+cS[K//.̼V&&o ZГqi+B<ыO-1j-}Of|k4᭰LgL U'2_vT^''\/_z}!KGpxox[qSLV4˺8O_TE-)r4e+ J&T70ʙQX`cŐ]yg"CWNĄ9įg {ECQ;.N𧪥?SuJ8q순ቡkW G߯?/AcJ !Ń;.QҚ_.?X-NLuMt[1z;˒F˲D"1vm)ϰTd%; n*r9:-{Ʉ0Yr8hGs,ORg9%Qm'@1parHgAW7AgYTu];-Ě? &:Ӗ[6F8NymXi첎B>:ގ¥eF靖3BjigGXP1Nf~}d6B7bo.Kn{H,u3> < er1C˺E``a]{'4,!\$.*JDZ)1Z7_z ? ݏ z bsO 9 \Lp^nJjܯIl⤈}Ɋz( B&CL,+{WNj4Q GAajRcۓRXPK,d ~E0+# aHY*Kn 5% 4\hql.x%U÷udYm)h?q0TzB::|yNZfF"h,_A UP؋%AncKIM+mKj`~̒#3@)RX,3ݏN+(uIQ|)刾}\hrmQ:¥&A7bEQ I$!H"@~l|}_yvnKa0&I0l/oԱ0͝׭[lAz/>oHWVe41T)ePZ(AF$Uڋa&Zi<'VؖO;Rhpu_d[TPSOIצ7%M+:T*9XAsHcE&zZ$bHHx%+a|hHmvtAǁL.|[:p@.R-3ݴmYk>M8h%pظ!a N<Qz~x%eHpc978u0r_\(ͿͿͿͿ¿{X"ݼ,B"!aH-.,{-}Gl/ƥ?߄QC<H ODaxBPo޿{}(J`X?-)=}-GKh0ݝ x0] -,r6q!"AL: DP٫kޞ3^ޒ ,ژn#V$]pD_L1?YdSV>hc}KmPD-[u-)|שB,|?QOxޔKa6*xk&o 2P>Iǧ1|gOBz= . bҒKiu߼ SXj[)P֦\L'v7 EXe4sQZْJ˯F4M_E|>Bsצ=g{^ц0I FS "Pǻ$Mwإ\qS L@ޝ$BpXlߐJjP(.T7 DnL$1$!i3Iy FPߥ&gwIo0@.jksuw)8:+++ -7hA; SmǸ{iP̻~D#f1X %+7kc?Z G0&7d(V3/L'GnJ^߁aq2R1{sczyLc|6% !44_'?3QS0Q[wݚ'hw/c{ WHKc\17'rQ^u/W%6us/=x}_n,"iwl5/$~0Okǻn֍HwlQ'/*+;w_tF1xLE !kw~4-[߲FU3%<Ӟu=P{_B亿x>8P(߷r]Tş-z+,\-O=kB *܄|_|R'5NWszcmo QTmXo镐Mk3I"A-[o&6௶eula}~*^ /{*淵qdyΜ;mV)K[jhk>ˎ4|nzp=W/!4S2Ć]a+I錂qnro Sc2J<6h` EVГwuz`{Spms5o^"ҶOrX߷889̫톹꿓$ySmz`'ݴŝX,hMVÙBt}ųsavDxUr~ܷa{/5wTaʡ1tq*o(zXMq})Mv{Γ{K|&OC g A&ϗ'za3@a]IY{ʲfSxh vf4iSu&.[{쏉T= ? KL)`G%]!C~0gxNKfOA&r副Y" X@Mttxw>{^ē{~O6eevךS|l:nX;*ju:6nߗ DW$= !kjb`!M4#|.IAwy4,d~D?S9E=1>-V8EXH+96i>GK]ILa!-(!-D.~aIz-R&sψ$_9quMMm& 0kaD v("l\M'q/丱5ˋqAE& :r<ƽG7 KflǛäacNͦ"f xѴ;B*sN oh*ʡsYBKRku+N ߥtc [cĻ#UA2AKu݊*R!?Ώ|^ca:k6j=!ɣ`58?}cvn&"-m']қ≠DU¹ux&mE8a<_݉ *gE'2CVmj|)5,\ ?\πJ*nA4`}"lR$26ЭZ'z`D/OYjJEU0=: dY I,b+J4r1s4']/,QkOu$vy1K%XS#o鞵gGaT؀,9M;,G J6~Ky@-|}.[œ>V-V]M5JPo , #^aw#׭ lsltO&90۱px6-Rý<&HPjߙc/:OyX~)ʒLq ͬG[RJYIvi~Xev7)h t[M@ئÏu\:2uT>#V̯mR߃q}%|#+'&[Q{Z 2 CL0\ֿ-'|͌V:me4xc旛P TTbЭB1˪M;InP}sY?e=` ' 2t/x߹[!VU'r&-*H4;-තEhWD 7߄QT1 :{ᛂrPZ-E)G_ 6a^ZGZq!G)xA 2K= o~{@\r r,Ie%+փފ> sF@Yj$ G P56wԄ:nZH9h[~몇V Y™6q<y( >4x&:ߣSCO좺t9~vn0Osˮci6P/χ\n\h[:L8!ijoGǫr0[$}A~b C:΁ lZ=*F(ЄG#Os3UǸZsxXm!aoH 1ba#^ôG֜iĄQ/#D[/d 6C;b<1c|>O<(P,%r@3"V21C(c^BMFKFs ^7Xh0usXg- .E.[q{+[!63%%~6t0VQ1e& > cw[7gΥITDZ||N]ƒ $B1Ӝh1@2dzwȗ?0(.ŌCZQJФ*t+R0cU-%+_oSwV7X)z+i+Kj9Iˑ1;^h``frOuvc޸ී৓1g'>;@ D5_gdwQ{1?sw1]7]? ͐/@q _fsA?=/c=/c}~\ S}]CuV9:c|׀ @MV9M@7d_RIRF5.qvJEsQ^O2Ty~)PgP! g z-22Bό ~/>{'sg+i\WKM0TntEճKL7cn%:v ^_WOEV.ɘwKm{xF`wƨ⮬f\c&\`v]Me~^,6bRFՏ⣭A{=M,gh`Erb9Gu ZQ8݈83lwZNz]HnRɻDwtye.lHP=ۺ9l܆,`0nԙ%O_''4WB):3Up6 i)wlFv"h/X9VX#e /EݩcEv/IOܡI LPxUE0P$=Cb KvHčHz$Ma GOkd9HR=I*4uMfβْ4szn%0)% KBlPՍFoU3! b9?v"ㅰx/Z^y|Xeֳ| 6Yұ ߚQ DOQ[K|iKڼAߍKd7-YoˊL3t#m{4RVfХA񿄷zH, 7AQ^+yJ * >=.X&">m?'.V0N9DePޙix<'c:1cbV!qdzӧ׍+e[a O2k! X/ ;:SAW C ⁜2ћ1^*=_v{[=/'R`.Oh<˜4W6IĶqyұт˩.X)>e .^A-F14Mo,gkVTF \L味<AC9Xqk @c݄6:L]Ll&j1Bi>c1}p1LX+0_mkASsDeU|tCGYEL`&;]+NJ^9=O9*R$L0MÄrM"5poq-yeיHpKxqBaʩȩ(v}_\%hw2b5ŠbiOR<5.r+ Sq|>o\7,{ї#RIg~V;~!<~vk .3JbQ'.i)>wb3-/=i~|tєŠ҂%!t4!ջl4ɊxY0]\}!l6n_1?iTUA$7yE1em*P)V []jv[W(~r[)CU:M\"GZk/%!zRM39Q2kFsk&|ƷR2ұeRZ`l/Z?PN2*