See the analysis in the Gartner First Take here regarding the network security impacts. We also have a separate First Take on the Secure Web Gateway aspects of the events here.
Anyone who says that there will be a new buying center created from the convergence of host security and network security has to put a nickel [...]
Entries Tagged as 'Security'
McAfee Announcement to Purchase Secure Computing
September 29th, 2008 · 1 Comment
Tags: Security Events
The Most Expensive Decision You Make In Network Security Isn’t About A Product
September 29th, 2008 · No Comments
DMZs are expensive to begin with. It is remarkable the growth in the amount and variety of security equipment we need provide web access, send emails, and give staff access to some information the need: multiple firewalls, IPS, anti-spam, anti-virus, SSL termination, web application firewalls, SSL VPNs, … a lot of expensive stuff. This is the [...]
Tags: Security
Do You Need One Firewall Vendor or Two?
September 26th, 2008 · No Comments
A high number of client inquiries I receive are around DMZ redesign. This is the hardest task in network security you can undertake because there is no one-size-fits-all DMZ design and there are many moving parts in play. The good news is that getting the DMZ right will likely be one of the most beneficial [...]
Tags: Security · Security Research In Progress
Little Fibs, Big Fibs, and Datasheets
September 25th, 2008 · No Comments
A lot of the datasheets for network security products have made it really hard for customers to conduct an apple-to-apple comparison. I’m not talking about the overall IT industry practices with datasheets. In the last 24 months, especially in the areas of firewall and IPS throughput, a number of companies have started listing uninspected port throughput as the [...]
Tags: Security
Honeypots No More
September 24th, 2008 · No Comments
It used to be that having a honeypot was a sign that you had good IT security. The reverse is now the case. When the threats went from motivated to automated, determining if you are a target is not that valuable. Everyone is now equally a target, and the threat is persistent.
Your network is now [...]
Tags: Security
Kafka’s Acceptable Use Policy
September 22nd, 2008 · No Comments
If you work in IT security and haven’t read Franz Kafka’s The Trial, you need to. One of the themes from the novel is that when the rules are unclear, authorities have only as much authority as you give them. This doesn’t make for good law or security. Although life is full of gray areas, you should minimize them when [...]
Tags: Security · Security Events
Security Making Faster Networks
September 22nd, 2008 · No Comments
Security geeks love tired old metaphors and saws. Often these are used like a threatened octopus spouting ink to confound opponents and provide intellectual cover to escape under, but sometimes they are helpful.
One oldie but a goodie is that “brakes don’t help you stop, they make it so you can go faster”. Good network security let’s the business [...]
Tags: Security
Turning the Midsize Motorcycle So You Don’t Crash Into a Firewall
September 17th, 2008 · No Comments
When driving a motorcycle slowly and wanting to go left, you turn the handlebars to the left. When going fast and wanting to turn left very quickly, you turn the handlebars to the right. What? Huh? The magic of counter-steering. If you haven’t obtained permission from your spouse/significant-other/your-inner-cool-self to get a motorcycle, it works on a bicycle too (but [...]
Tags: Security
Onsite at MES: Web Security
September 16th, 2008 · 2 Comments
This morning at the Midsize Enterprise Summit (MES) I met with the Gartner analyst who is the research area lead for the Gartner Small and Midsize Businesses (SMB) vertical, Jim Browning. We discussed the low success rate of enterprise IT vendors who try and move down-horizontal, and how few “get” SMB IT. I always learn a lot from him, so I [...]
Tags: Security · Security Events
Onsite at MES: Defining “In The Cloud” Security
September 15th, 2008 · No Comments
Tap dancing is the mother of invention. This morning at MES I delivered a new presentation “Network Security Best Practices for Midsize Enterprises”, for the first time. Although I covered all the acronyms, I realized about halfway through that I was talking a lot about In The Cloud security and comparing it to MSSP services, but it needed [...]
Tags: Security · Security Events