
Is an invisibility cloak the secret to secure network traffic?

A new appliance claims to provide an invisibility cloak to hide sensitive network traffic from malicious attacks. Is it too good to be true? Network security expert Kevin Beaver discusses the reality of invisibility cloaks.

What's your opinion of the new Unisys appliance, which supposedly offers an "invisibility cloak" to hide sensitive network traffic using encryption to avoid man-in-the-middle attacks? Is it just marketing hype? What types of enterprises would most benefit from it?

I think the Unisys Stealth invisibility cloak technology is very intriguing -- what better way to keep prying eyes off of your sensitive information? Malicious insiders, external hackers attacking via the malware they've installed on your network, and government spies wouldn't stand a chance and they know that.

The technology works by encrypting and then dispersing the communications stream before it's transmitted to its destination. The source and destination are hidden, and presumably no one will be able to capture all parts of the network session. Pretty ingenious. However, there's another side to this story -- so let me tell you what I really think.

On any given network there are countless security basics -- proven wins -- that have yet to be addressed, including:

These are the things criminal hackers, rogue employees and government spies are going after to exploit network communications and access sensitive information.

Sure, there are plenty of organizations (such as government contractors and manufacturing and software development companies) that could benefit from the Unisys technology. Yet only after organizations have shored up all of their own low-hanging fruit (such as third-party patching and penetration testing of all critical Web applications) does it make sense to implement such a technology. In other words, criminal hackers both outside and inside your network can still find and exploit these flaws regardless of how secure any network communication sessions are.

Everyone has their own opinion on this. Many people wouldn't dare believe that fixing the basics would possibly offer any great benefit toward minimizing information risks, but based on what I see in my work and what I've read in the breach databases, I beg to differ.

So what is the secret to ensuring secure network traffic? Rather than chasing the fascinating minutiae, why not fix the fixable that's causing the problems? Well, the 80/20 rule was developed and is followed by successful businesses for a reason. I say fix the fixable, then chase down the minutiae once everything else is near perfect and you have nothing else going on.


This was last published in September 2014
