Network security. It’s a bad dream and getting more nightmarish all the time. Aside from the mounting attacks by hackers, think also of how increasingly complex and far flung the territory is you must now defend.
Sure, maybe you have your routers and switches out there on the ever moving perimeter
of your IT environment sniffing out and blocking the most obvious vermin heading your way. And likely you have firewalls up as the next line of defence, picking off the more insidious and harder to spot data packets from perdition. The more sophisticated among you will have a Network Intrusion Detection System (NIDS) doing deeper traffic analysis internally. It’s looking at all your data darting to and fro for the really destructive stuff that either slipped passed your outer defences or that someone nasty is generating within.
All well and good, but you can never rest assured because, in a sense, you are your own worst enemy. As your IT systems and confidence in them have grown, your people have pushed more and more data, voice and video traffic onto them. The sheer volume creates huge problems and challenges. Too much data can buckle your whole detection system. Your NIDS sensors may be spending so much time checking out false positives that they actually miss “”the false negatives”” of undetected enemy packets. The result: Network degradation, outages and possibly permanent network damage. Then down goes employee productivity, customer service and corporate profits — while your blood pressure soars and your job tenure dives.
As if that weren’t bad enough, you likely don’t have good instruments to fix all this. Probably your routers, firewalls and NIDS all come from different vendors, each with their own management tools and each needing separate tuning to your needs. What’s more, your network sensors may not have kept up with your network technology. Your sensors may only be playing watchdog over the Ethernet portions of your network, leaving your broadband, or ATM, or Frame Relay parts exposed.
Now let’s suppose, to add to your woes, your bosses say you have to layer on remote access so staff, suppliers and customers can trade data packets with home base from afar. Your whole system is far more vulnerable to a wider variety of security threats.
No doubt you’ve already been working hard on all this complexity. But if you’re yearning to bring some simplicity to your efforts, you should check out the Cisco Systems Web site for a white paper entitled Network Security: An Executive Overview. In five cogent pages, the white paper lays out a straightforward and logical approach to the problems and challenges alluded to above. But be prepared for more work if you do. The first thing you’ll need is a formal statement of your organization’s security policy that must be supported by the highest levels of management and reviewed regularly.
So your security policy is a live document — one that changes with the ever-shifting demands on your networks and the sneakiness of your attackers. It will also help you sleep better at night.
Andy Shaw is a freelance writer and commentator who says some of his best friends are CIOs. firstname.lastname@example.org