Greg Young

See the analysis in the Gartner First Take here regarding the network security impacts.  We also have a separate First Take on the Secure Web Gateway aspects of the events here.
Anyone who says that there will be a new buying center created from the convergence of host security and network security has to put a nickel [...]

[Read more →]

DMZs are expensive to begin with.   It is remarkable the growth in the amount and variety of security equipment we need provide web access, send emails, and give staff access to some information the need: multiple firewalls, IPS, anti-spam, anti-virus, SSL termination, web application firewalls, SSL VPNs, … a lot of expensive stuff.   This is the [...]

[Read more →]

A high number of client inquiries I receive are around DMZ redesign.  This is the hardest task in network security you can undertake because there is no one-size-fits-all DMZ design and there are many moving parts in play.  The good news is that getting the DMZ right will likely be one of the most beneficial [...]

[Read more →]

A lot of the datasheets for network security products have made it really hard for customers to conduct an apple-to-apple comparison.  I’m not talking about the overall IT industry practices with datasheets.  In the last 24 months, especially in the areas of firewall and IPS throughput,  a number of companies have started listing uninspected port throughput as the [...]

[Read more →]

It used to be that having a honeypot was a sign that you had good IT security.  The reverse is now the case.  When the threats went from motivated to automated, determining if you are a target is not that valuable.  Everyone is now equally a target, and the threat is persistent.
Your network is now [...]

[Read more →]

If you work in IT security and haven’t read Franz Kafka’s The Trial, you need to.  One of the themes from the novel is that when the rules are unclear, authorities have only as much authority as you give them.  This doesn’t make for good law or security.  Although life is full of gray areas, you should minimize them when [...]

[Read more →]

Security geeks love tired old metaphors and saws.  Often these are used like a threatened octopus spouting ink to confound opponents and provide intellectual cover to escape under, but sometimes they are helpful.
One oldie but a goodie is that “brakes don’t help you stop, they make it so you can go faster”.  Good network security let’s the business [...]

[Read more →]

When driving a motorcycle slowly and wanting to go left, you turn the handlebars to the left. When going fast and wanting to turn left very quickly, you turn the handlebars to the right. What? Huh? The magic of counter-steering. If you haven’t obtained permission from your spouse/significant-other/your-inner-cool-self to get a motorcycle, it works on a bicycle too (but [...]

[Read more →]

This morning at the Midsize Enterprise Summit (MES) I met with the Gartner analyst who is the research area lead for the Gartner Small and Midsize Businesses (SMB) vertical, Jim Browning.  We discussed the low success rate of enterprise IT vendors who try and move down-horizontal, and how few “get” SMB IT.  I always learn a lot from him, so I [...]

[Read more →]

Tap dancing is the mother of invention.  This morning at MES I delivered a new presentation “Network Security Best Practices for Midsize Enterprises”, for the first time.  Although I covered all the acronyms, I realized about halfway through that I was talking a lot about In The Cloud security and comparing it to MSSP services, but it needed [...]

[Read more →]