Home > Ask the Security Experts > Network Security Questions & Answers > Can reputation services be applied to network security?
Ask The Security Expert: Questions & Answers
EMAIL THIS

Can reputation services be applied to network security?

Mike Chapple EXPERT RESPONSE FROM: Mike Chapple

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 03 September 2007
Reputation services can be used as an antispam strategy, but can reputation services be applied to the security of the network? If so, what's the most practical way to get started?

>
EXPERT RESPONSE
As you know, administrators can use a "reputation score" to block potentially malicious traffic from entering their network. The ratings are determined by a third-party vendor.

To use this technology, you can purchase a subscription from a content provider (such as ReturnPath's SenderScore or Trend Micro's Email Reputation Services) and integrate it with your existing email environment.

The system will then reject mail that doesn't match the normal sending patterns for a domain. For example, if Company X normally sends mail from the 12.7.8.x network, reputation services would reject a message purporting to be from Company X but arriving from the 122.45.x.x subnet.

I'm not aware of any products that allow you to apply reputation services to network traffic, but they're in the works. Cisco recently acquired IronPort, a reputation services provider, and announced plans to integrate its technology into Cisco's Self-Defending Networks architecture. The company expects to release products beginning in 2008.

More information:

  • See how reputation systems are gaining credibility in the fight against spam
  • Achieve network security with tomorrow's antivirus tools.


    • Sound Off! -   Be the first to post a message to Sound Off!


    Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


    RELATED CONTENT
    Network Security
    Will Cisco's plan to open access to the IOS improve network security?
    Will VoIP attacks result in more than just spam?
    Should enterprises implement a mandatory iPhone VPN?
    Will organizations that lag behind on IPv6 adoption have greater security risks?
    Should iPhone email be sent without SSL encryption?
    How to secure an FTP connection
    DMVPN configuration: Is an additional firewall needed between the router and the Internet?
    Is centralized logging worth all the effort?
    What are the pros and cons of shaping P2P packets?
    Should an ISP keep corrupted machines off of a network?

    Monitoring Network Traffic and Network Forensics
    Windows registry forensics guide: Investigating hacker activities
    More built-in Windows commands for system analysis
    Is security improved when the number of Internet gateways is reduced?
    Screencast: Using Nessus to scan for vulnerabilities
    What are the pros and cons of shaping P2P packets?
    Built-in Windows commands to determine if a system has been hacked
    How will the centralized logging of network flow data benefit an enterprise?
    The forensics mindset: Making life easier for investigators
    Data Loss Prevention Tools Offer Insight into Where Data Lives
    vPro: Making the case for network security on a chip

    Network Behavior Anomaly Detection (NBAD)
    Is centralized logging worth all the effort?
    How will the centralized logging of network flow data benefit an enterprise?
    How well can network behavior anomaly detection (NBAD) products detect rootkits and malware?
    Sourcefire, Nmap deal to open vulnerability scanning
    Sourcefire expands strategy in effort to leverage its network real estate
    Combining NetFlow analysis with security information management systems
    Security information management finally arrives, thanks to enhanced features
    Are honeypots safe to implement in a router?
    How to protect against port scans
    Extensive coverage in a single box

    RELATED GLOSSARY TERMS
    Terms from Whatis.com − the technology online dictionary
    computer forensics  (SearchSecurity.com)
    Einstein  (SearchSecurity.com)
    footprinting  (SearchSecurity.com)
    information signature  (SearchSecurity.com)
    intrusion detection  (SearchSecurity.com)
    network forensics  (SearchSecurity.com)
    port scan  (SearchSecurity.com)
    probe  (SearchSecurity.com)
    promiscuous mode  (SearchSecurity.com)
    snoop server  (SearchSecurity.com)

    RELATED RESOURCES
    2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
    Search Bitpipe.com for the latest white papers and business webcasts
    Whatis.com, the online computer dictionary



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice

    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineWebcastsWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Advanced Search | Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




    All Rights Reserved, Copyright 2003 - 2008, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts