September 15, 2002 — CIO — Arkansas State University is asking for trouble. The school is in the midst of a major network upgrade that will eventually bring gigabit-speed network capacity to every dorm room and office on campus, making the network a tempting playground for hackers, says Greg Williamson, associate director of information and technology services at the Jonesboro, Ark., university.
For Williamson, a network intrusion detection system (IDS) from Cisco is the key to staying on top of the network and its potential abuses. Whenever any one of these IDS components spots a potential security threat (a virus, say, or an impending hacker attack), it notifies a central management console. If the threat is serious enough, the system automatically pages IT staff, who can deal with the attack by shutting off access, reconfiguring systems, and even identifying a hacker’s dorm room and calling campus security.
Like Arkansas State, many organizations are finding that firewalls, antivirus software and user authentication policies aren’t enough to keep networks safe. That explains the growing market for intrusion detection technology from established vendors such as Cisco Systems, Enterasys Networks and Internet Security Systems; new players including IntruVert, OneSecure and Recourse Technologies (Recourse was recently purchased by Symantec); and even the open-source IDS known as Snort.
In its simplest form, an intrusion detection system identifies and records potential security threats, such as someone scanning server ports or making repeated attempts to log in using random passwords. As such, it’s not a replacement for other security measures. "An IDS is like the video camera in a convenience store or a bank," says Stuart McClure, president and CTO of security consultancy Foundstone in Mission Viejo, Calif. A video camera doesn’t replace the locks on the door or the safe, but if someone breaks through those security measures, the camera provides a record that can help nab the perpetrators and buttress the security system against future attacks.
Intrusion detection systems work in a number of ways. A network-based IDS relies on network sensors that monitor packets as they go by. Typically, a network-based IDS comprises sensors at network entry points (alongside a firewall, for instance) or at the boundaries between subnets with different security levels (such as between your LAN and your data center).
A host-based IDS, by contrast, monitors activity on specific servers or mainframe hosts by keeping an eye on the integrity of critical files, or by monitoring specific operating system events (such as suspicious error messages or unusual server processes).
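
The two behaviors named above, port scanning and repeated failed logins, can be flagged with a sliding-window count per source. The following is an added example, not from the article or any vendor's product; the event format, IP addresses and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample events: (seconds, source IP, kind, detail).
# "conn" detail = destination port; "login_fail" detail = username tried.
EVENTS = (
    [(i, "10.0.5.23", "conn", 20 + i) for i in range(15)]            # port sweep
    + [(100 + 2 * i, "10.0.7.9", "login_fail", f"user{i}") for i in range(6)]
    + [(200, "10.0.1.4", "conn", 443), (260, "10.0.1.4", "conn", 443),
       (300, "10.0.1.4", "login_fail", "alice")]                      # normal use
)

WINDOW = 60      # seconds of history kept per source (assumed value)
MAX_PORTS = 10   # distinct ports per window before alerting (assumed value)
MAX_FAILS = 5    # failed logins per window before alerting (assumed value)

def detect(events, window=WINDOW, max_ports=MAX_PORTS, max_fails=MAX_FAILS):
    """Return [(time, source, alert_type)], one alert per source and type."""
    history = defaultdict(deque)   # (source, kind) -> deque of (time, detail)
    alerted = set()
    alerts = []
    for ts, src, kind, detail in sorted(events, key=lambda e: e[0]):
        recent = history[(src, kind)]
        recent.append((ts, detail))
        # Drop entries that have aged out of the sliding window.
        while recent and recent[0][0] <= ts - window:
            recent.popleft()
        if kind == "conn":
            # Many distinct ports from one source in a short time = scan.
            hit, name = len({d for _, d in recent}) > max_ports, "port_scan"
        else:
            # Many failures from one source in a short time = guessing.
            hit, name = len(recent) > max_fails, "login_bruteforce"
        if hit and (src, name) not in alerted:
            alerted.add((src, name))
            alerts.append((ts, src, name))
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

A scan or guessing run paced slower than the window stays under both thresholds, which is why the window and limits have to be tuned to the network being watched.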
