Security Management Strategies for the CIOAccess "Examining device-based authentication"
This article is part of the August 2003 issue of IPSec vs. SSL VPNs: Which cures your remote access ills?
Driving the authentication down toward Layer 2 of the network invokes the question, "Can we authenticate the machine as well as the user?" Here's the idea: Using a unique footprint or ID from the machine itself provides a reliable way to control access, because it enables companies to lock out any unauthorized machine. Steal the machine but don't know the password? The machine gets cut off from network access. Steal the password but not the machine? Again, no access. So, when used together, passwords and machine IDs give companies strong security without the need deploying smart cards, tokens or other devices that users can misplace or break. As appealing as this solution is, the offerings in the market for it are still quite new. But with major players such as Microsoft, Intel, Hewlett-Packard and IBM involved, it may gain traction. These companies, with others, formed the Trusted Computing Group (TGC) in April to "develop and promote open industry standard specifications for trusted computing hardware building blocks and software interfaces across multiple... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
by Lisa Phifer, Contributor
Choosing a VPN has become a complex undertaking. Lisa Phifer examines how SSL VPNs match up with their older IPSec cousins.
-
History of IPSec, SSL VPN products: How will the market change?
by Lisa Phifer, Contributor
Today's SSL VPNs address a single problem: secure remote access. Will that be enough to sustain the vendors in this market? History offers some clues.
-
Beyond network perimeter defense: A 'submarine warfare' strategy
by Dan Houser, Contributor
Today's attacker can be anywhere, meaning network perimeter defense alone is futile. Change your thinking, and your tactics.
-
Tunnel vision: Choosing a VPN -- SSL VPN vs. IPSec VPN
by Lisa Phifer, Contributor
-
-
Case study: SSL VPN enables secure remote email access
by Mathew Schwartz, Contributor
A global minerals firm seeking secure remote email tested other systems before choosing an SSL VPN.
-
VPN fast facts: True or false?
by Lisa Phifer, Contributor
Lisa Phifer separates the truth from fiction about VPNs.
-
Case study: SSL VPN enables secure remote email access
by Mathew Schwartz, Contributor
-
Columns
-
Examining device-based authentication
by Diana Kelley, Contributor
Combining device-based authentication technology with existing user-based authentication would be appealing for many organizations, but technical details remain unclear.
-
Examining device-based authentication
by Diana Kelley, Contributor
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...