Centrally managed network security: hope or reality? Don't wait for the standards to evolve.

Author:Thomsen, Dan
Position:Software Intelligence

Ask any IT professional to predict the future of computer networking and you will get different answers. Guessing the future of technology has always been a dicey business at best. Planning ahead for the next set of security threats and building security solutions that are not vulnerable to these threats is even more difficult, because building network technology is, on the face of it a purposeful design process, whereas security threats are typically exploitations of sloppy engineering or cleverly threading together unintended uses for software. Future security threats and vulnerabilities are not something that is easy or even possible to anticipate.

The best hope for a security solution that protects enterprise-wide networks while allowing for centralized management is the emergence of standards. Security standards like DCE, Kerberos, SAML, elements of IPv6 and others continue to be the Holy Grail for which we wait. However, the wait continues after decades with little hope for a standards-based security solution in the immediate term. Why wait for a new standard when an existing standard will do.

Let's take a look at some of the security issues facing the IT professional and see what management problems they have in common.

All data, including passwords, flows in the clear over most networks

The insider threat is on the rise

Wireless networking means networking is not restricted to wires any more. In today's computer architectures, all data flows over the network. If the data stream is watched long enough, some juicy titbits are sure to turn up. Password sniffing, watching the network stream for unencrypted passwords, is the most obvious example. Unfortunately, it is just the tip of the iceberg.

Uncontrolled access to all network traffic ensures sensitive data will eventually be compromised. Access to the network stream must be limited to only the data bound for the host.

Another huge security problem that has been mainly ignored, because it is hard to solve, is the insider threat. An insider can abuse their privilege to collect sensitive data for the fun and profit of the individual, with no regard for the organization. The insider threat has always been much greater than the hacker threat, but mild-mannered, trusted employees stealing data is not headline material like a thirteen year old hacking the Pentagon. In reality, the disgruntled employee has more motivation and more access to sensitive data than any outsider. The network must...

To continue reading