June 15, 2003 — CIO — The SQL Slammer worm began its rampage shortly after midnight on Jan. 25, 2003. Within days, the insidious piece of code had infected more than 120,000 computers, slowed Internet traffic, crashed sites and even disabled ATMs, costing companies an estimated $1 billion in lost productivity worldwide, according to analyst firm Mi2g. The irony? Slammer exploited a vulnerability in SQL Server for which Microsoft had already issued a patch—six months earlier.
It’s not that IT administrators are lazy or negligent—it’s that locking down operating systems and applications has become an almost unmanageable job. The CERT Coordination Center recorded 417 security vulnerabilities in 1999. By 2002, there were 4,129 new vulnerabilities.
This situation makes the newest class of security technologies—intrusion prevention systems (IPSs)—look pretty good. Supplementing patches, firewalls and other traditional approaches to security, an IPS can provide security at the most fundamental levels: the operating system kernel and the network data packet. An IPS can also be cheap insurance: Host-based systems can cost as little as a few thousand dollars per server, while network-based IPS appliances typically cost between $10,000 and $90,000, plus ongoing support fees.
"It makes sense to protect the host so that if all else fails, it will have a better chance of standing alone on its own two feet," says Bill Stevenson, information security officer for New Century Mortgage. His company has been using host-based intrusion prevention from Entercept since late 2000 as a major part of the back-field defense for its servers. So far, it’s worked: New Century’s IPS successfully repulsed Slammer.
Interest in intrusion prevention is increasing, thanks in part to a growing disenchantment with intrusion detection systems (IDSs), which notify administrators of attacks but don’t actually stop those attacks. Market maturity is also a factor, as demonstrated by the acquisition of IPS company OneSecure by NetScreen along with planned acquisitions by Cisco (of Okena) and Network Associates (of Entercept and Intruvert).
These factors should spark significant growth in the IPS space. Market research company Infonetics estimates the combined intrusion detection and intrusion prevention market will grow to $1.6 billion by 2006, with IPS accounting for the majority of the growth.
Intrusion detection vendors, such as Cisco, Internet Security Systems and Sourcefire, are retooling their products to proactively stop network attacks. Check Point and NetScreen are adding IPS capabilities to their firewalls. And dozens of smaller vendors are touting security add-ons, secure Web servers and even ordinary firewalls as "intrusion prevention systems."