NETWORK WORLD NEWSLETTER: SCOTT CRAWFORD ON NETWORK/SYSTEMS MANAGEMENT 11/17/04 Today's focus: Three key 'people' technologies for IT security mgmt.
Dear [EMAIL PROTECTED], In this issue: * Policy, real-time anomaly detection and context-aware security * Links related to Network/Systems Management * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Empirix HP OpenView Integration White Paper Still managing your business critical applications from an IT perspective? Learn how to leverage your HPOV investment and manage these services from the perspective that matters the most - the End User. Click below to read this new white paper and obtain the key to your Web management strategy: http://www.fattail.com/redir/redirect.asp?CID=88488 _______________________________________________________________ DOWNLOAD INDUSTRY WHITE PAPERS NOW NW Fusion's White Paper Library is your source for the latest industry white papers. Recent additions to the library include white papers on WLAN Security; IT Documentation; protecting the internal network from worms, Trojan horses, and other malware threats; measuring employee productivity and more. Click here to download: http://www.fattail.com/redir/redirect.asp?CID=88310 _______________________________________________________________ Today's focus: Three key 'people' technologies for IT security mgmt. By Scott Crawford With all the technology focus in information security, it can be easy to overlook the fact that security is primarily a people issue. Relationships of trust and the ways people use information systems are at the heart of managing IT security. If people do not adhere to secure computing policy and practices, assumptions on which security is based may prove dangerously false. Many feel it is only a matter of time until the worms and blended threats that have overwhelmed networks with blinding speed bring us "the big one" - an attack that actually damages systems or destroys data. Without consistent enforcement of policy on how people use IT, many fear these attacks could be devastating. The enforcement of a security policy on systems connecting to an enterprise network is at the heart of the Cisco Network Admission Control (NAC) and Microsoft Network Access Protection (NAP) initiatives; thankfully, Cisco and Microsoft have recently announced at least the intent to cooperate. Security managers need not wait for these high-profile initiatives to come to full fruition in order to better implement security policy, however. Many alternatives are available today, such as Solsoft policy management systems, the policy-based offerings of Nortel and Enterasys, and the enterprise endpoint security frameworks of Sygate, Endforce, Check Point, WholeSecurity, InfoExpress, and many others. Policy plays a critical role in the trust placed in identity management and provisioning, and we can expect the emergence of even more comprehensive approaches to security policy management in the future. Regardless how thorough policy management may be, the increasing variety and flexibility of "people-friendly" ways to connect to an enterprise network means that threats will always penetrate. This is a primary concern, because if "the big one" is a "zero-day" attack - a threat that spreads rapidly before its signature can be recognized - it may do considerable damage before a response can be effective. This is where "real-time" defenses can play a proactive role. Network anomaly detection techniques such as those of Q1Labs, Arbor Networks, Lancope and Mazu Networks, are merging with established signature-based approaches to intrusion prevention in products of companies such as Sourcefire, owner of the intellectual property of the popular Snort intrusion detection system. These techniques can recognize an attack before it is even known, by identifying potentially threatening network traffic. When coupled with network discovery and awareness capabilities such as those of Lumeta or Computer Associates eTrust Network Forensics, defenses can become even more potent, as they enable the prioritization of security issues based on the actual context of a threat or vulnerability. This is the differentiator of Skybox Security, which enhances vulnerability management with the ability to prioritize based on awareness of network context and likelihood of attack. Among the interesting innovators in contextually aware security is Citrix. It may be just fine to deliver a sensitive spreadsheet to an authorized user on a LAN, but when that same user seeks access to applications from an airport kiosk, for example, Citrix access management products are increasingly able to differentiate that context and manage information delivery appropriately - particularly when the user can't, or won't. Policy, real-time anomaly detection throughout the network, and context-aware measures: three key technologies for managing the security of how people use IT, and three areas particularly worth watching as they continue to mature. RELATED EDITORIAL LINKS How best to patch: a debate Network World Fusion, through 11/19/04 http://www.nwfusion.com/cgi-bin/forum/gforum.cgi?post=1964 _______________________________________________________________ To contact: Scott Crawford Scott Crawford, CISSP, is a senior analyst with Enterprise Management Associates, an IT industry analyst firm headquartered in Boulder, Colorado, focused on all aspects of network, system and application management in the enterprise. The first Information Security Officer for the International Data Centre of the Comprehensive Nuclear-Test-Ban Treaty Organization in Vienna, Austria, Scott has also been a systems professional with the University Corporation for Atmospheric Research as well as Emerson and other public companies. He can be reached at <mailto:[EMAIL PROTECTED]> _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=88377 _______________________________________________________________ ARCHIVE LINKS Archive of the Network/Systems Management newsletter: http://www.nwfusion.com/newsletters/nsm/index.html _______________________________________________________________ Embracing Linux While Preserving Your Outlook Gregory Volan the CIO for Bloomington, Indiana, and Julie Hanna Farris, the Founder of Scalix, take you inside that city's successful and seamless migration of email and calendaring to Linux. Watch now. http://www.fattail.com/redir/redirect.asp?CID=88435 _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
