Home > Financial Services Information Security Tips > Security Architecture Insider > Don't let fads dictate your network security strategy
Financial Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

SECURITY ARCHITECTURE INSIDER

Don't let fads dictate your network security strategy


Mike Chapple, Contributor
10.29.2008
Rating: --- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


Don't index this page I recently came across a discussion group thread bemoaning the demise of host-based intrusion prevention systems (HIPS). One contributor heard a "current trend in security [is] to move away from host-based intrusion prevention/detection systems" and went on to seek advice regarding the role of host-based and network-based intrusion prevention systems in the enterprise. This kind of talk scares me. Why? Because it may get others thinking that this is a good idea. It's not.

Unfortunately, this is not the first time I've heard people debate the worth of host-based intrusion prevention systems in the enterprise; in fact, I've also heard people remark that host-based intrusion prevention systems' aren't worth the trouble because they're difficult to manage and monitor. Let's examine why this and similar beliefs are false, how host-based intrusion prevention systems use can be beneficial and why moving away from host-based intrusion prevention systems may be risky.

However, before we start reviewing host-based intrusion prevention systems benefits, let's first take a look at host-based intrusion prevention system technology and its proper role in the enterprise. As many readers know, host-based intrusion prevention systems allow the protection of individual systems against attacks. When they detect a potential attack using either signature-based or anomaly-based algorithms,


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


RELATED CONTENT
Security Architecture Insider
Winning the war: Personal information protection
Why financials must implement Web application security best practices
Identity management for financial firms in turbulent times
Identity management for financial firms in turbulent times
How to use data loss prevention tools to stop data exfiltration
Security questions to ask SaaS vendors when outsourcing services
Book chapter: Remote deposit capture risks
How to communicate the value of security controls for online transactions
How to perform a network device audit
Emerging themes in identity access management

Network security devices for financial institutions
Organization aims to develop encryption standard for card data
How to use data loss prevention tools to stop data exfiltration
How to perform a network device audit
Event data analysis
Security on the street with SearchFinancialSecurity.com: Mobile banking
How to easily integrate managed email security services
Integrating firewalls into your financial enterprise systems
How to integrate network behavior anomaly detection into enterprise systems
How to get the most out of a SIM
Top NAC challenges include cost, interoperability issues

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


they can ignore the detection, alert administrators to the event or block the traffic altogether. Additionally, host-based intrusion prevention systems are beneficial because:

And finally, for those who believe host-based intrusion prevention systems are difficult to manage and monitor, that's also largely untrue. Modern host-based intrusion prevention system implementations often use an agent/manager approach that allows centralized enterprise management of deployed systems.

Hopefully, I've convinced you that host-based intrusion prevention systems do indeed play an important role in the enterprise. More importantly, keep this general lesson in mind the next time you hear about a "trend" or "fad" in information security: Defense-in-depth means instituting layers of protection to safeguard your data and systems against many different types of attacks. After all, ivory tower security analysts who declare trends like "the perimeter is dead" often make those pronouncements from behind a strongly defended perimeter!

About the Author:
Mike Chapple, CISA, CISSP is an IT Security Professional with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Mike is a frequent contributor to SearchSecurity, a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.

Rate this Tip
To rate tips, you must be a member of SearchFinancialSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Finance Sector Security - Anti-Phishing, Remote Access Security, Firewall Systems
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2008 - 2009, TechTarget | Read our Privacy Policy
  TechTarget - The IT Media ROI Experts