Information Security Magazine


Data Encryption and IDS / IPS: Getting a better view of network activity
by Dorian Deane & Benny Jones
Issue: Sep 2006

No Sure Fix
Encryption may seem like the perfect security fix, but it doesn't protect against everything.

TRIVIAL PASSWORDS: A password can be guessed over an encrypted channel just as easily as over a cleartext one.

APPLICATION-LEVEL INJECTION ATTACKS: Once an encrypted channel is established, the application is no less vulnerable because of the encryption.

BUFFER OVERFLOW OR SYNTACTIC EXPLOITS: If they occur before or during the login process, your enterprise isn't covered.

CERTAIN DoS and DDoS ATTACKS: Resource starvation attacks will still work, as will some attacks on the crypto protocol itself.

SOCIAL ENGINEERING ATTEMPTS: Technology can't protect against attacks on the user.

This is not an exhaustive threat list. Also, your encryption software may have security problems of its own. Do a quick search on critical security problems found in OpenSSH or OpenSSL to check. Nothing is without risk, not even security software.

--Dorian Deane & Benny Jones

Fork in the Road
Fundamentally, encryption blinds your IDSes and IPSes. Regardless of whether the IDS works through signature matching or anomaly detection, it needs to see the packet in cleartext to detect most attacks. But without encryption, confidentiality (one of the cornerstones of good information security) is reduced, if not completely lost.

While there are solutions that come close to solving parts of this problem, a balancing act is often required. Sometimes the only answer is to weigh the competing needs and pick encryption or IDS--not both.

When evaluating the options, you need to understand the importance of data privacy in your network environment. If the data is on a company's public Web site, the sensitivity is low and privacy may not be as important. However, if the data is sensitive financial information, privacy becomes paramount and encryption is likely to be one of the few practical risk mitigations.

Still, security decisions rarely hinge solely on encryption versus cleartext. If the data must be encrypted and throwing away your IDS is unacceptable, alternatives may emerge from a threat analysis. Do you need to encrypt all the data, or just certain fields? Is the encryption intended for privacy, to prevent injection attacks, or both? Will encryption on the wire make application layer attacks more difficult?

Different solutions will present themselves depending on the threats. For example, encryption is effective at reducing threats such as TCP or UDP injection and spoofing attacks. Blindly spoofing one end of a TCP session is hard; the addition of well-managed encryption makes it nearly impossible. However, encryption is useless against other types of threats (see "No Sure Fix," above).
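The trade-off described above, as an added example that is not part of the original article: a signature matcher run over the same constructed request in cleartext, with the whole channel encrypted, and with only one field encrypted. The signatures, field names, key and `toy_encrypt` (a stand-in for a real cipher) are assumptions made for illustration.

```python
import hashlib
import re

# Constructed signatures (illustrative, not taken from any real rule set).
SIGNATURES = {
    "sql-injection": re.compile(rb"(?i)union\s+select"),
    "path-traversal": re.compile(rb"\.\./"),
}

def toy_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in for a real cipher (assumption): XOR with a SHA-256 counter
    keystream, hex-encoded so the result is printable. Illustration only."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream)).hex().encode()

def serialize(fields: dict[str, str]) -> bytes:
    """Form-style body as the sensor would see it on the wire."""
    return "&".join(f"{k}={v}" for k, v in fields.items()).encode()

def inspect(payload: bytes) -> list[str]:
    """Signature matching over exactly the bytes the sensor can observe."""
    return sorted(name for name, rx in SIGNATURES.items() if rx.search(payload))

def encrypt_fields(key: bytes, fields: dict[str, str], sensitive: set[str]) -> bytes:
    """Field-level encryption: protect only the named fields, leave the rest inspectable."""
    return serialize({k: toy_encrypt(key, v.encode()).decode() if k in sensitive else v
                      for k, v in fields.items()})

KEY = b"constructed-demo-key"
# Constructed request: a sensitive card field plus a search field carrying an injection string.
REQUEST = {"card": "4111111111111111", "q": "1 UNION SELECT name FROM users"}

def sensor_views() -> dict[str, list[str]]:
    moved = {"card": REQUEST["q"], "q": "shoes"}  # same string inside the encrypted field
    return {
        "cleartext": inspect(serialize(REQUEST)),
        "channel_encrypted": inspect(toy_encrypt(KEY, serialize(REQUEST))),
        "field_encrypted": inspect(encrypt_fields(KEY, REQUEST, {"card"})),
        "attack_in_encrypted_field": inspect(encrypt_fields(KEY, moved, {"card"})),
    }

if __name__ == "__main__":
    for view, alerts in sensor_views().items():
        print(f"{view:28} {alerts}")
```

The last view shows the limit of field-level encryption: anything carried inside the encrypted field is invisible to the sensor.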
