The Next Step

By Teresa Jones  |  Posted 2004-04-10 Print this article Print

: Intrusion Prevention Systems"> Intrusion prevention systems (IPS) were developed to alleviate this. IPS technology takes IDS one step further by not only letting you know when there is an attack, but also attempts to redirect the attack away from vital network assets.

Although firewalls, IDS, IPS and even anti-virus tools perform an important security function on the network, they require an incident to occur before they jump into action. Look at them as the firefighters of network security - when the fire starts, youll definitely want to have them around.

However, by taking a reactive approach only, it is very easy to become overwhelmed. Take the Great Chicago Fire of 1871; most of the city burned down because firefighters simply could not handle the magnitude of the fire. In much the same way, if you use only reactive technologies, you run the risk of not being able to respond either fast enough or comprehensively to all the threats to your network.

Prevention is the Key

With the evolution of network security, new approaches have emerged which focus on prevention. Much like with the proven model of fire safety, being proactive is the key. Vulnerability management (VM) and vulnerability assessment (VA) are focused on providing organizations with the intelligence required to stop attacks before they even start. While VA technology identifies threats by scanning the network, VM takes this one step further by also managing the process of eliminating the threats.

The approach used in VA and VM technology is particularly effective as the majority of attacks are preventable. In fact, the CERT® Coordination Center (CERT/CC) reports that 99 percent of attacks target vulnerabilities for which there are known countermeasures. VA and VM technologies automate the discovery and elimination of these vulnerabilities - effectively reducing the risk of successful attack by 90 percent or more.

The primary benefit of these proactive technologies is that they enable your organization to mitigate risks to network security in a controlled and measured way. Much like fire inspections where investments are made upfront to ensure buildings are up to code, proactive security technologies such as vulnerability management enable you to identify your risks and predictably eliminate them. There is a clear financial benefit from this approach - proactive security is predictable and easily budgeted for; reactive approaches alone leave you open to major and unpleasant surprises.

One of the biggest challenges with VA and VM, as well as the other security solutions discussed earlier, is that most products are standalone. This means that while you may have all the right technology, it can be difficult to fully understand the big picture.

The good news is that the network security industry is moving towards making the concept of integrated and intelligent security architecture a reality. Already, we are seeing VM systems being used to correlate data from other systems, extending the intelligence of IDS, IPS and firewall offerings.

Next page: Integrated Products Are Better

Teresa has almost twenty years experience in the IT industry, working in a variety of different end-user organizations ranging from confectionery manufacture to car parts manufacture and distribution. After gaining an upper second in Economics and Statistics at Swansea University, she decided that computers were definitely the way forward. She started her career in IT as a trainee systems analyst, progressing to senior analyst, developing complex systems including an in-house mainframe purchasing system. She gained experience on mid-range systems at a printing plate manufacturer, working as a business analyst.

Teresa was involved in the preparation of proposals for the selection of package systems for the real-time analysis of data from the shop floor and the maintenance department. More recently she has been involved in the worldwide implementation of an enterprise system in a large multinational, designed to streamline the organization's supply chain. The time taken in communications between the various companies within the group became a significant factor, involving the testing and implementation of EDI links within the company as well as with external suppliers. Working with colleagues in a variety of countries and cultures proved challenging, so she decided to add German to the French and Russian learnt at school. She assisted with the testing and roll-out of a Business-to-Business (B2B) e-commerce solution, and was the prime force behind the development of a Corporate Intranet, providing on-line access to user guides and training material.

Teresa joined Butler Group in early 2001, and has contributed to a number of major reports, including Customer Relationship Management, Business Process Management, and Enterprise Application Integration.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel