Security Management Strategies for the CIOAccess "Beyond network perimeter defense: A 'submarine warfare' strategy"
This article is part of the August 2003 issue of IPSec vs. SSL VPNs: Which cures your remote access ills?
Perimeter defense is a lost battle. Like old generals, we're still fighting the last war, in which our network was a castle with impregnable walls, a well-defined entry point across the drawbridge (head-end router), portcullis (firewall) and guards (IDS). Today's infosec paradigm is submarine warfare. Attacks can come from anywhere, at any time. There's no well-defined perimeter, and it's often difficult to tell friend from foe. Defenses should focus on hardened, well-protected assets--not bigger, stronger fences. Stealth, intelligence gathering and deception play increasingly critical roles in enterprise security. We have failed to adapt to the rapid changes in technology that have fundamentally altered the battle we're fighting. Instead, we continue to spend money on point solutions to counter the latest attacks. We need a fundamental change in thinking--not just more layers of firewalls, IDSes and network components. We're simply fueling an infosec arms race, in which the only victors are the arms suppliers. The submarine warfare model teaches us that ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
by Lisa Phifer, Contributor
Choosing a VPN has become a complex undertaking. Lisa Phifer examines how SSL VPNs match up with their older IPSec cousins.
-
History of IPSec, SSL VPN products: How will the market change?
by Lisa Phifer, Contributor
Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.
-
Beyond network perimeter defense: A 'submarine warfare' strategy
by Dan Houser, Contributor
Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.
-
Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
by Lisa Phifer, Contributor
-
-
Case study: SSL VPN enables secure remote email access
by Mathew Schwartz, Contributor
A global minerals firm seeking secure remote email tested other systems before choosing an SSL VPN.
-
VPN fast facts: True or false?
by Lisa Phifer, Contributor
Lisa Phifer separates the truth from fiction about VPNs.
-
Case study: SSL VPN enables secure remote email access
by Mathew Schwartz, Contributor
-
Columns
-
Examining device-based authentication
by Diana Kelley, Contributor
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.
-
Examining device-based authentication
by Diana Kelley, Contributor
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...