The Near Future of Network Security

  1. Security and Privacy
     The Near Future of Network Security
     Greg Young, 22 September 2005
  2. Network Security Sea Change
     Worms have changed the equation. Protecting the network is more important than protecting any individual node.
     The perimeter cannot go away and does not get less important.
     When there’s more malicious traffic than legitimate traffic on a network, operational performance becomes the lead issue.
     The network must reward good traffic and neutralize suspicious or unknown traffic.
     © 2005 Gartner, Inc. and/or its Affiliates. All Rights Reserved.
  3. Critical Security Processes
     [Diagram. Labels: Users; Attacks; Network Security; Perimeter Protection; Internal Protection; Network Access Control; Intrusion Prevention; Policy/Business Decisions; Threat/Vulnerability Information; ID/Access Management; Vulnerability Management; IT Infrastructure. ID = identification.]
  4. Hype Cycle for Infrastructure Protection
     [Chart, as of March 2005. Axes: Visibility (vertical), Maturity (horizontal). Phases: Technology Trigger; Peak of Inflated Expectations; Trough of Disillusionment; Slope of Enlightenment; Plateau of Productivity. Key (time to plateau): less than two years; two to five years; five to 10 years; more than 10 years. Technologies shown: Deep-Packet Inspection Firewalls; Security in Switch; In the Cloud; NAC; Host IPS – PC; All-in-One Security Appliance; Web Application Firewall; DDOS Protection; Gateway AV; Stateful Firewall; PIP (Converged Desktop Security); Desktop Signature-based AV; Network IPS; Network Security Silicon; Personal Firewalls; XML Firewalls; QOS/Traffic Shaping; Host IPS – Servers; NIDS.]
     Acronym key: NAC = network access control; AV = antivirus; NIDS = network intrusion detection system; DDOS = distributed denial of service; PIP = personal intrusion prevention; IPS = intrusion prevention system; QOS = quality of service.
  5. ‘Short Worm’ Memory
     A short period without a significant worm has passed. The end of worms is not upon us.
     [Chart: worm events plotted by Severity against Time, with "Today" marked; legend: Network Security Memory Span.]
  6. Malicious-Traffic Tipping Point
     [Chart: vertical axis marked 50% and 100%; horizontal axis 2001, 2003, 2005, 2007; regions labeled "Security Problem" and "Network Operational Problem".]
  7. Protecting the Network
     [Diagram. Traffic classes and actions: Bad — Block; Suspicious — Pass and Alarm; Security Relevant — Pass and Log; Good — Pass and Prioritize. Technologies shown: Firewall/IPS blades; Scan and block; Intrusion detection system (IDS); Quarantine; Security event management; Correlation; QOS; Traffic shaping. Annotations: "Easy: Can Be Automated"; "Harder: Takes People".]
  8. Myth of the Disappearing Perimeter
     You can’t have a crunchy interior with a squishy exterior.
     The perimeter doesn’t go away.
     We always have to protect the network.
     You can manage unmanaged devices and control unmanageable devices.
  9. Driving the Market to Platforms and Intrusion Prevention
     [Diagram. Labels: Network Security Platforms; Firewalls/IPS; In-the-Cloud Security; IDS; Gigabit +; Security Platforms; Next-Generation Firewall; Vulnerability Assessment; 100Mb and below; Hardware; Software; All-in-One Security Appliance; Gateway AV. Timeline: 2002, 2004, 2004, 2005, 2006.]
  10. Magic Quadrant for Network Firewalls, 2H04
     [Chart, as of December 2004. Axes: Ability to Execute (vertical), Completeness of Vision (horizontal). Quadrants: Challengers; Leaders; Niche Players; Visionaries. Legend: Network Firewall; Web Application Firewall. Vendors shown: Check Point; Cisco Systems; Juniper; Microsoft; Secure Computing; Fortinet; WatchGuard; NetContinuum; F5; Stonesoft; iPolicy; CyberGuard; Symantec; Whale; Teros; Watchfire; Kavado; SonicWALL.]
     (From "Magic Quadrant for Network Firewalls, 2H04," 14 February 2005)
  11. IPS Market Vectors
     [Diagram. Labels: In the switch; Deep-packet inspection; IDS; Move in line; IPS; Firewalls; Improve mgmt.; Pure-Play IPS. Vendors shown: Cisco Systems; NFR; 3Com?; ISS; Symantec; Sourcefire; Juniper; Check Point; Fortinet; iPolicy; McAfee; TippingPoint; Reflex. Note: not all vendors are displayed.]
  12. Gartner’s Key IPS Selection Criteria
     Fast-moving market vectors make selection a challenge: Performance/latency; Research and updates; Price; Next-generation firewall; Management and reporting; Is it IPS?; Security function.
  13. The Next IPS Generation: Making IPS Smarter
     IPS devices are single points of visibility. Feeds from other sources will enable the next generation of IPS to make smarter and faster decisions, minimizing false-positives and negatives.
     [Diagram. Feed labels: Netflow; Anomalies; Peer-Attack Fingerprints; High crime segments; DDOS sources; Endpoint; Vulnerability assessment; Operating system; Other IPS.]
  14. Strategic Planning Assumptions
     By year-end 2006, 75 percent of network IPSs deployed in the enterprise* will incorporate multiple feeds (0.7 probability).
     By mid-2006, effective gateway anti-spyware will be a standard requirement in the majority of requests for proposals for midsize all-in-one security platforms (0.8 probability).
     By mid-2006, 10Gb stand-alone IPS appliances will be available from multiple vendors (0.8 probability).
     *Enterprise deployments are described as 1,000 or more employees, and 1Gb or more placement points.
  15. All-in-One Security Appliances for Midsize Companies: Lots of Choices
     [Figure not captured in the transcript. Notes: Sample Vendors Only; VPN = virtual private network.]
  16. Web Application Firewalls: Two Weddings and a Pure Play
     [Diagram. Labels: Application Switch; Web Application Firewall; W/A/D Server; Application Acceleration; DMZ; Pure Play. W/A/D = Web server/application server/data server.]
  17. Putting Security in the Cloud
     [Diagram. Labels: Enterprise Network; Regional Office; Data Center; Extranet; Internet; Business Partner.]
  18. Recommendations
     Network managers should begin blocking bad traffic to regain capacity and preserve legitimate application performance.
     Companies will always require a network security perimeter and a separate security control plane.
     Although the end game is security everywhere, security at the edge must be present — and as strong as possible.
     QOS and traffic shaping will play key roles in a secure network fabric.
     Outsource as much day-to-day busy work as you can — as soon as you can.