Newsletters

Select newsletters below and click the button to sign up!

Boston News NY News
DC News Internet Daily
SiliconValley News
InternetNews Business Report




Become a Marketplace Partner


Partner With Us


Internetnews Bloggers

Recent Entries

Archives

July 2009
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Monthly Archives

Search The Blog

Netstat -vat by Sean Michael Kerner (bio)

A command line view of IT



Cisco: Want security? You need IPS and WAF

By Sean Michael Kerner on July 15, 2009 11:38 AM
peterson_small.jpgFrom the 'real hardware for real threats' files:

My colleague Alex Goldman wrote a great story yesterday about Cisco's mid-year security report. Cisco's report (and the story) has a strong emphasis on what IT can do to better secure itself with best practices and awareness of threats, insider and otherwise.

One thing that report doesn't specifically call out is the need for hardware - specifically IPS (Intrusion Prevention System) and WAF (Web Application Firewall) technologies. It's something that I asked Patrick Peterson, Cisco fellow and Chief Security Researcher about (pic above left from a screen capture I took during the webcast) during a live webcast discussing the Cisco security report.
"In the report we talk specifically about vulnerabilities that are always present in a large organization and you can't be 100 percent protected from all the time. That's where IPS comes in," Peterson said. "The ability for IPS to be updated more quickly than you can thousands of PCs and be able to stop attacks is very valuable."

Peterson added that often times,  if there is a machine in the environment that has been infected you can see that with IPS. With the recent Conficker scare, Peterson noted that IPS - together with patching - was the number one defense mechanism.

IPS is a well known technology, but there is another piece of the puzzle that is needed too in my opinion at the network layer - and Peterson agrees. Web Application Firewalls (WAFs) sit in front of a web server to do live (virtual) patching and protect against application threats.
"If anyone out there is running a web server take some time and look at your web server logs you will see cross site scripting, password guessing and will see SQL injection attempts guaranteed," Peterson said. "Criminals want to put malware on your site so the next person that visits your website is exposed to malware. WAFs are a critical solution to make sure that all of the requests going to your web servers are inspected."
It all makes great sense to me and highlights the role that network security mechanisms have in securing enterprises and users. Sure, users need to have some common sense too, but a lot of what is bad out on the network can be blocked by the network.

| Comments (0) | TrackBacks (0) | Share

Tags:

0 TrackBacks

Listed below are links to blogs that reference this entry: Cisco: Want security? You need IPS and WAF.

TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/8475

Leave a comment