
Self Defending Networks


INTRODUCTION

As the nature of threats to organizations continues to evolve, so must the defense posture of the organizations. In the past, threats from both internal and external sources were relatively slow-moving and easy to defend against. In today's environment, where Internet worms spread across the world in a matter of minutes, security systems - and the network itself - must react instantaneously.

The foundation for a self-defending network is integrated security - security that is native to all aspects of an organization. Every device in the network - from desktops through the LAN and across the WAN - plays a part in securing the networked environment through a globally distributed defense. Such systems help to ensure the privacy of information transmitted and to protect against internal and external threats, while providing corporate administrators with control over access to corporate resources. SDN shows that the approach to security has evolved from a point-product approach to this integrated security approach.


These self-defending networks will identify threats, react appropriately to the severity level, isolate infected servers and desktops, and reconfigure the network resources in response to an attack. The vision of the Self-Defending Network brings together Secure Connectivity, Threat Defense and Trust and Identity Management System with the capability of infection containment and rogue device isolation in a single solution.

SELF DEFENDING NETWORKS

To defend their networks, IT professionals need to be aware of the new nature of security threats, which includes the following:

Shift from internal to external attacks. Before 1999, when key applications ran on minicomputers and mainframes, threats typically were perpetrated by internal users with privileges. Between 1999 and 2002, reports of external events rose 250 percent, according to CERT.

Shorter windows to react. When attacks homed in on individual computers or networks, companies had more time to understand the threat. Now that viruses can propagate worldwide in 10 minutes, that "luxury" is largely gone. Antivirus solutions are still essential but are not enough: by the time the signature has been identified, it is too late. With self-propagation, companies need network technology that can autonomously take action against threats.

More difficult threat detection. Attackers are getting smarter. They used to attack the network, and now they attack the application or embed the attack in the data itself, which makes detection more difficult. An attack at the network layer, for example, can be detected by looking at the header information. But an attack embedded in a text file or attachment can only be detected by looking at the actual payload of the packet, something a typical firewall doesn't do. The burden of threat detection is shifting from the firewall to the access control server and intrusion detection system. Rather than single-point solutions, companies need holistic solutions.

A lowered bar for hackers. Finally, a proliferation of easy-to-use hacking tools and scripts has made hacking available to the less technically literate. The advent of 'point-and-click' hacking means the attacker doesn't have to know what's going on under the hood in order to do damage.

These trends in security are what have led to the advent of SDNs, or Self Defending Networks, as the latest version in security control.
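The header-versus-payload distinction drawn under "More difficult threat detection" can be shown with a small filter, given here as an added example that is not part of the original post. The signature string, the allowed-port policy and the sample packets are all constructed assumptions.

```python
import socket
import struct
# Constructed marker standing in for a content signature (assumption, not real malware).
SIGNATURE = b"CONSTRUCTED-TEST-SIGNATURE"
ALLOWED_DST_PORTS = {25, 80}  # hypothetical header-only policy: mail and web only

def build_packet(src, dst, sport, dport, payload):
    """Build a minimal IPv4+TCP packet as sample data (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 8192, 0, 0)
    return ip + tcp + payload

def parse_packet(pkt):
    """Split a packet into header fields and payload using the stated header lengths."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or pkt[9] != 6 or len(pkt) < ihl + 20:
        raise ValueError("not a complete TCP segment")
    sport, dport = struct.unpack("!HH", pkt[ihl:ihl + 4])
    data_offset = (pkt[ihl + 12] >> 4) * 4
    if data_offset < 20 or len(pkt) < ihl + data_offset:
        raise ValueError("bad TCP data offset")
    header = {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
              "sport": sport, "dport": dport}
    return header, pkt[ihl + data_offset:]

def header_filter(header):
    """Header-only check: sees addresses and ports, never the data."""
    return header["dport"] in ALLOWED_DST_PORTS

def payload_inspect(payload):
    """Content check: looks inside the data for the signature."""
    return SIGNATURE not in payload

def verdict(pkt):
    header, payload = parse_packet(pkt)
    if not header_filter(header):
        return "drop:header"
    if not payload_inspect(payload):
        return "drop:payload"
    return "allow"

# Constructed sample packets (documentation address ranges).
CLEAN = build_packet("192.0.2.10", "198.51.100.5", 40000, 80, b"GET / HTTP/1.1\r\n\r\n")
TELNET = build_packet("192.0.2.10", "198.51.100.5", 40001, 23, b"login")
EMBEDDED = build_packet("192.0.2.10", "198.51.100.5", 40002, 25,
                        b"Subject: report\r\n\r\n" + SIGNATURE)
```

The `EMBEDDED` packet passes `header_filter` because its port is permitted and is stopped only by `payload_inspect`. A per-packet match like this misses content split across segments, which is why inspection systems reassemble the stream before matching.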
