Home > Ask the Security Experts > Network Security Questions & Answers > Can reputation services be applied to network security?
Ask The Security Expert: Questions & Answers
EMAIL THIS

Can reputation services be applied to network security?

Mike Chapple, featured expert EXPERT RESPONSE FROM: Mike Chapple, featured expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 03 September 2007
Reputation services can be used as an antispam strategy, but can reputation services be applied to the security of the network? If so, what's the most practical way to get started?


BROWSE BY TAG
Network Security,   Network Intrusion Detection and Analysis,   Enterprise Network Security,   Monitoring Network Traffic and Network Forensics,   Network Behavior Anomaly Detection (NBAD),   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Network Security
Should enterprises be running multiple firewalls?
What are best practices for fiber optic cable security?
What is the difference between a VPN and remote control?
What are the disadvantages of proxy-based firewalls?
What are the best practices for IPS implementation?
How to prevent DDoS attacks on websites
How to configure firewall ports for webmail system implementation
Can S/MIME, XML and IPsec operate in one protocol layer?
How should service providers address VoIP security issues and threats?
How to set up a corporate cell phone management strategy

Monitoring Network Traffic and Network Forensics
Chained Exploits: How to prevent phishing attacks from corporate spies
PCI compliance requirement 10: Auditing
Know when you need IDS, IPS or both
An inside look at security log management forensics investigations
Tying log management and identity management shortens incident response
The telltale signs of a network attack
Cyberattack mapping could alter security defense strategy
Should the government reduce its external Internet connections?
How to use Nmap to scan a network
Screencast: How to scan with Nmap

Network Behavior Anomaly Detection (NBAD)
Trend Micro to acquire Third Brigade for virtualization, cloud security
Use BotHunter for botnet detection
Is centralized logging worth all the effort?
How helpful is the centralized logging of network flow data?
SIM and NBA product combination is powerful
Can network behavior anomaly detection (NBAD) products stop rootkits?
Sourcefire, Nmap deal to open vulnerability scanning
Sourcefire expands strategy in effort to leverage its network real estate
Combining NetFlow analysis with security information management systems
Security information management finally arrives, thanks to enhanced features

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
computer forensics  (SearchSecurity.com)
Einstein  (SearchSecurity.com)
footprinting  (SearchSecurity.com)
information signature  (SearchSecurity.com)
inverse mapping  (SearchSecurity.com)
network behavior analysis  (SearchSecurity.com)
network forensics  (SearchSecurity.com)
probe  (SearchSecurity.com)
promiscuous mode  (SearchSecurity.com)
snoop server  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


As you know, administrators can use a "reputation score" to block potentially malicious traffic from entering their network. The ratings are determined by a third-party vendor.

To use this technology, you can purchase a subscription from a content provider (such as ReturnPath's SenderScore or Trend Micro's Email Reputation Services) and integrate it with your existing email environment.

The system will then reject mail that doesn't match the normal sending patterns for a domain. For example, if Company X normally sends mail from the 12.7.8.x network, reputation services would reject a message purporting to be from Company X but arriving from the 122.45.x.x subnet.

I'm not aware of any products that allow you to apply reputation services to network traffic, but they're in the works. Cisco recently acquired IronPort, a reputation services provider, and announced plans to integrate its technology into Cisco's Self-Defending Networks architecture. The company expects to release products beginning in 2008.

More information:

  • See how reputation systems are gaining credibility in the fight against spam
  • Achieve network security with tomorrow's antivirus tools.




    • Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    Targeted Security Channel Tips for Resellers, Integrators and Consultants
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts