Hard and crunchy virus protection

What about public holidays and virus attacks? In January IT staff returned to work earlier than expected after New Year and Australia Day in response to major outbreaks. Frantic press reports heralded the interruption of the long weekends due to the arrival of another strain of the Yaha virus and a new virus called SQLSlammer.

However, because a virus outbreak really only makes the news when it reaches critical mass in terms of attacks, an important point is often overlooked. A business is at risk as soon as a virus is discovered, not just once a full-blown attack occurs. From the point of discovery to the time the fix has been deployed to all machines on the network is called the "window of vulnerability". During this period businesses face potential disruption and financial loss.

While the focus will continue to be on closing the window of vulnerability, our industry requires a new way to deal with viruses. Proactive threat protection must be the mantra for 2003; protecting a network even before a threat is discovered and limiting the damage should one slip through. You can describe this state as 'Hard and Crunchy on the inside'.

Don't get me wrong; the perimeter firewall is still critical to the organisation and gateway virus protection will continue to block most threats coming into the network. But, should the threat get past these barriers, many organisations are wide open. Wireless networks, PDAs, and mobile phones with built-in e-mail leave most networks porous.

How do we harden the network? My ideal proactive threat protection strategy would include the following solutions: desktop firewalls to limit the spread of non-e-mail viruses, integrated viral vulnerability assessment to find which servers and desktops are open to attack, intrusion detection to find out where the hackers are getting in and forensics to find out how they got in. I would also use behavioural analysis and heuristics to detect new malicious code, encrypt my server-to-server traffic and employ spam blockers.

Only by working together will we reduce Australia's overall window of vulnerability and have fewer interrupted long weekends.

* Ashley Wearne is managing director Network Associates Australia & New Zealand.

Join the newsletter!

Error: Please check your email address.

More about Gateway

Show Comments

Market Place