Monday, February 19, 2007

Useful Reading for Those Who Think "All Security Will be in the Network"

Nothing Earth-shattering but useful reading for those who think that ALL security will be in the network infrastructure soon.

Anonymous said...

The reason I think it'll be at the network level is because there are more of those levels for any given piece of traffic.

So if host A is speaking with host B, and there are two hops between them (including switches) then we're equal. But as soon as it becomes a router and two switches, or two routers and three switches, we've now crossed the line where the network is much more important than the hosts.

Or at least, the network will get more chances than the host. So if you're doing the same filtering at each hop that's not going to help much, but if you're stacking different types of detection and prevention at the various pivot points, that has a lot of good potential.

So Cisco at the border, Cisco in the DMZ, Cisco in the core, and Cisco at the low-tier switches...that's compelling. Even more so than HIPS on the client. Obviously I want both, but if I had to choose it'd probably be security at all those other layers.

-Daniel Miessler

Dr Anton Chuvakin