Gartner Blog Network

Posts from Date:   2010-5

Web Application “Firewalls” Make My Point

by Neil MacDonald  |  May 19, 2010

In my previous post, I talked about how the term “firewall” (and the term next-generation [horseless] firewall) really doesn’t capture the fundamental transformation taking place as these network security platforms become context aware and adaptive. My colleague, Bob Walder, argues that the term is just fine – kinda like tiles for the house. If everything […]

Read more »

It’s Time to Retire the Term Firewalls

by Neil MacDonald  |  May 18, 2010

In my research on Adaptive Security Infrastructure and Context Aware Security, I have concluded that future information security policy enforcement points must move security policy enforcement “up the stack”. As we move to virtualize our data centers and adopt cloud-based computing platforms, security policy can no longer be bound solely to physical attributes such as […]

Read more »

The Future of Information Security is Context-Aware and Adaptive

by Neil MacDonald  |  May 15, 2010

In previous posts, I talked about the need for information security to become more adaptive – adaptive to changes in the threat environment and adaptive to changes in the business and regulatory environment. This is the subject of my ongoing research project on Adaptive Security Infrastructure as a Gartner Fellow. I’ve also discussed how the […]

Read more »

Application Control / Whitelisting Interest is Growing Rapidly

by Neil MacDonald  |  May 11, 2010

I’ve had three calls today on application whitelisting – and that’s after another half dozen or so calls on the topic last week. I think we’ve finally turned a corner and are coming out of the “trough of disillusionment” on the Gartner hype cycle. What’s changed? A couple of thing, but I believe the attacks […]

Read more »

159 Pages of Security Goodness… and More on Symantec/PGP/GuardianEdge

by Neil MacDonald  |  May 6, 2010

Three quick things: The Center for Internet Security recently published its hardening guidelines for Windows Server 2008. It’s comprehensive – 159 pages of explicit guidance for the correct configuration of Windows Server 2008. CIS provides guidance for many other platforms as well, but I had several clients waiting on the update for Windows Server 2008. […]

Read more »