Security Management Strategies for the CIOAccess "Data Encryption and IDS / IPS: Getting a better view of network activity"
This article is part of the September 2006 issue of The power of SIMs for visibility and compliance
Encryption may be good for securing data, but it blinds network-based IDSes. While there aren't any surefire fixes, these techniques will steer you in the right direction. Encryption used to be unequivocally good for security. After all, it kept the bad guys from getting at our private information, right? Who could argue with that? Many of us became crypto-evangelists, demanding encryption everywhere. Then we realized that we were blocking our view with all this encryption. Administrators need to be able to look at the entire network to properly defend it. IDSes, IPSes, sniffer tools and network analyzers provide a clear view of network activity. But, the more prevalent encryption becomes, the more we lose that view. So is encryption bad for security? Are IDSes and IPSes dead? No, but imprudent use of encryption can send a well-meaning network security engineer into unsafe territory. The pressure is on for enterprises to implement encryp- tion as a standard of due care--HIPAA mandates privacy for health care transactions, and California's SB 1386 requires ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Using security information management systems for a posture assessment
For more visibility into your security posture and smoother compliance, picture what a security information management system can do for you.
-
Directory Integration
Centrify's DirectControl Suite
-
Content inspection accelerator cards rev up application-layer security
The answer to traffic loading issues may be in the new content-inspection accelerator market.
-
Secure Reads: How technology is endangering your privacy
Read a quick review of the security book, "Privacy Lost: How Technology is Endangering Your Privacy."
-
Removable Storage Security: ControlGuard Access Manager 3.0 review
ControlGuard's Access Manager 3.0
-
Intrusion Prevention: iPolicy Network's ISM Express 1000
iPolicy Network's ISM Express 1000
- At Your Service: September 2006 managed services security news
-
Not So Simple
Are you ready to rid your enterprise of a client-based VPN in favor of simple SSL? Tread carefully. We sort through five SSL VPNs, and uncover which best conquer the many challenges.
-
Using security information management systems for a posture assessment
-
- Events: Information security conferences for September 2006
-
Brick By Brick
No budget for an application firewall? Use open-source components to build your own.
-
Recent releases: Security product briefs, September 2006
Read about the released security products of September 2006.
-
Proofpoint's Messaging Security Gateway Product Review
In this product review, learn how Proofpoint's Messaging Security Gateway can help to protect against viruses, spam and Trojans. Get tips on product management, configuration and reporting.
-
Data Encryption and IDS / IPS: Getting a better view of network activity
Encryption can to help secure data and meet HIPPA requirements, but the technology blocks sight of network activity by blinding IDSes and IPSes. Learn how to have an effective encryption and IDS/IPSe solution simultaneously.
-
Head of the Class
Got your MBA study guide yet? More information security pros are going back to school and chasing down a graduate business degree.
- What's a Hot Pick?
-
Columns
-
Perspectives: Focus on commonalities in state data breach laws
Examine the similarities in state data breach notification laws and develop a policy that intersects those common areas.
-
Ping: Christopher Ray
Christopher Ray
-
Editor's Desk: A feature-set in disguise
Slice and Dice
-
Face-off
Is There Strategic Software?
-
Perspectives: Focus on commonalities in state data breach laws
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...