Transcript Making money from network security

Making money from network
security
David Strom
CMP Xchange Emerging Techs
October 2002
Issues
• Network penetrations continue to climb in
number, sophistication, and complexity
• Proliferation of spam and viruses
• Risk of infection rises as everything is
connected
• Remote teleworkers and wireless networks
bring their own complexities
Wireless network issues
• More than half of wireless networks operate
with no security whatsoever
• “War driving” is now a popular sport
• WEP isn’t even that good a protocol
• Mostly outside of control of IT/integrator
Wireless solutions
• How do you know if wLANs are running?
• NetStumbler and AirMagnet can help!
• Best to make use of appliances like
BlueSocket, ReefEdge, Vernier, others
• Need a separate firewall for wireless users
to separate from main corp. net
Remote teleworker isses
• Your corp. net now reaches into people’s
homes
• Your net is only as secure as your weakest
link
• VPNs are essential to protect corp. net
• Yet another opportunity for resellers!
Teleworker solutions
• Understand how remote users are
connecting to internal nets
• Simplify, simplify, simplify
• Don’t poke holes in firewalls just because
users ask you -- HAVE A PLAN!
• Think big and deploy for the long haul
Bright spots on the security
horizon
• Biometrics -- just beginning to take off
(IBM Thinkpad and NetVista line)
• Anti-virus screening almost a given now
• VPNs and secured access to internal nets
• Web applications monitoring shows promise
Places of despair
• Secure email -- still not happening
• Key servers and PKI -- not much better
• Secure database access via the web -- not
really happening yet
• Email filtering software pretty grim
Panel
•
•
•
•
Brian Cohen, SPIdynamics
Luis Claret, Rainbow Technologies
Alonzo Ellis, Imperito Networks
Chris Fleck, Omnicluster Technologies
Questions for the panel
•
•
•
•
Has anti-virus screening become a commodity?
Is there such as thing as a secure Web server?
What penetrations can resellers stop quickly?
Can corporations who have firewalls operate them
effectively?
• How can resellers find the most profitable areas
for providing better security for their clients?
• How large a corp. to use enterprise-based antivirus solutions?
• How can a VAR sell customers additional security
beyond just firewalls?