
Sophos finds patching issues through endpoint NAC tool

By Robert Westervelt, News Editor
17 Jun 2008 | SearchSecurity.com


Patch deployment failures, misconfigured firewalls and missing OS updates are resulting in security lapses at many firms that could be exploited by an attacker to gain access to critical systems.


That was the finding of a study conducted by UK-based malware protection vendor Sophos, which examined results from users of its endpoint assessment test. The tool, which could be downloaded for free at the Sophos website, was used by 583 firms based in the U.S. and abroad.

Sophos said 63% of the firms were missing patches. About half had firewalls that weren't even enabled, the vendor said. In all, 81% of the companies failed the assessment.

The security vendor is using the tool to try to get businesses to see the benefits of its network access control (NAC) appliances. It acquired Endforce for its NAC technologies last year. The appliance monitors the network and scans and quarantines machines and devices at the endpoint. The scan can determine whether the machine's patches are up to date and whether it's carrying any malware.


Companies that deploy the assessment and remediation features of NAC software could reduce the time it takes to deploy security patches, said Bill Emerick, vice president of product management for NAC at Sophos. One firm found it could reduce the time it takes to patch systems from 30 days on less than half of the company's machines to seven days or less on 99% of computers, he said.

"If you submit 200 endpoints for assessment and find that only 30% are compliant, you know you've got a problem," he said.

Early adopters have had some success with smaller, initial deployments, according to industry experts. But the pace of NAC deployments has not kept up with the initial hype of the technology.

In a recent report on the state of the NAC market, Robert Whiteley, principal analyst and research director at Forrester Research Inc., said the time is right for more widespread deployments. Hybrid deployments could address the growing use of mobile devices and protect the network from intrusion as a result of customers, suppliers, and partners who try to connect with their machines, he said. A recent Forrester survey also showed a rising interest in deploying the technology. Thirty-seven percent of respondents had already adopted NAC and an additional 18% said they plan to do so in the coming year.

Sophos' Emerick said that through the endpoint assessment tool, firms are quickly learning that they're accepting too much risk by having unpatched machines connected to the network. The tool results showed that 58% of machines on the endpoint were missing OS patches, 39% were missing patches for Microsoft Office applications, and 21% were missing patches for Internet Explorer. Media player and Flash player updates were also missing on many machines, Emerick said.

"Often we see customers having much more comprehensive assessments when they deploy NAC internally," he said.


