Countering the greatest fears

In the comic strip Peanuts, Linus is usually depicted clutching a security blanket; it gives him a great sense of security, even though it doesn't actually make him any safer. Security tools bought in response to fears of attack often strike a similar false sense of security. But carefully chosen products deployed in response to real needs and designed to work well within the enterprise can both make you feel better and counter real threats.

According to the 2002 InfoWorld IT Security Survey, security requirements are based as much on IT leaders' concerns about what might happen as on what they've actually experienced. For example, 58 percent of respondents have had their enterprise infected by a virus, but 82 percent are concerned. Respondents have also had worms, Trojan horses, and malicious code, which worry IT leaders (roughly 70 percent to 80 percent of respondents) most.

But their concerns go beyond these commonplace attacks to fears of intrusions by outsiders. Although only 3 percent reported that traffic coming through ISPs has been monitored, 47 percent are anxious about it. Another 3 percent reported that their wireless networks have been eavesdropped, but 28 percent worry about it.

Almost every company keeps anti-virus software on its computers -- 94 percent of respondents consider it crucial, yet well over half continue to get viruses. The problem could be either that employees aren't using the software that they've been provided or that the desktop, where most anti-virus software runs, is the last line of defense. Viruses should be killed before they ever get to the desktop with tools such as GFI's MailSecurity, which performs content monitoring and protects Exchange and SMTP mail against viruses, malicious code, and worms at the server level.

You can perform some similar tasks with CacheFlow Inc.'s new Security Gateway series of appliances, which work with existing routers and firewalls and also handle a variety of tasks, including authorization management, virus scanning, content security, Web usage monitoring, content filtering, and network protection. The idea behind multifunction tools is to use a central appliance to simplify keeping your network secure.

By now, nearly everyone has heard of VPNs, which can prevent snooping on your sessions as they travel across the Internet. Eighty-five percent of respondents use either firewalls, an IP VPN, or both, and 55 percent outsource VPN services. You can get VPN support from many vendors, probably including the one that makes your remote access server. If you need to deploy a VPN, one solution that provides both secure connections and works as a firewall is Firewall/VPN from Symantec Corp., a vendor popular among more than 20 percent of respondents. This security appliance performs several additional functions, including load balancing, IP sharing, DHCP serving, intrusion detection, and logging.

Keeping intruders away from your network and out of the sessions your employees have with your network is always a priority. But it doesn't do your company much good to protect your data if outsiders can simply watch the traffic go by, either in a session with your ISP or by parking outside your building and reading your wireless traffic.

What Symantec doesn't cover are the unique needs of your wireless users. Only a small percentage of our respondents have had a wireless intrusion, but only a tiny percentage of them actually have large wireless installations -- it's a big problem among companies with wireless. The hottest bet out there is NetMotion Wireless Inc.'s Mobility, which offers a unique combination of encryption, authentication and highly flexible roaming.

And finally, of course, there's the question of firewalls, which should sit on every entry point of an outside network, not just the Internet. The right firewalls can help stop the spread of problems delivered by e-mail, from a disk brought from home, by malicious Web sites, and more. But you need more, at least a content filtering firewall on the outside as well as a personal firewall on each workstation.

The best of these is ZoneAlarm from Zone Labs Inc. Your employees can download a free home version of this excellent product from http://www.zonelabs.com. For corporate use, however, you need something more complete, such as the company's Integrity product. ZoneAlarm gets the intruders that your primary firewall misses. Better yet, it bottles up attacks from viruses and worms, preventing them from spreading beyond the computer they originally infected.

When you have covered the basics, you're safe to worry a lot less. Although you can't retreat behind a security blanket until dangers fade away, at least you can rest assured knowing that you've taken care of the scariest security risks.

The bottom line

Executive Summary: A few well-chosen products can solve both your greatest security worries and most pressing needs. There are no sure answers, but many companies share the the same requirements, and it only takes a few products to meet them.

Test Center Perspective: Whether it's a multifunction appliance that carries out tasks ranging from content filtering to creating a VPN, or software that protects against a broad range of threats, you don't need to go far to get your security up to snuff. Of course, you should also continue to keep your OSes patched, passwords updated, and physical security intact.

Join the newsletter!

Error: Please check your email address.

More about Access ServerCacheFlowGFI SoftwareNetMotion WirelessSymantecZone Labs

Show Comments

Market Place