Not an exploit was stirring, till one launched anyway.
The IDSs were stung by packet malware,
Knowing the hacker's tracks wouldn't be there.
Apologies for the injustice to the public domain's 'Twas the Night Before Christmas from 1822, once the intellectual property of Clement Clarke Moore, who never had to secure a network from malicious intent with visions of sugarplums dancing in his head.
The rest of us involved with information security have things aplenty to worry and to cheer about in 2005. The new year will ring in a host of new security technologies, a blitz of devious malware and exploits, and a virtual pudding of new security operational and management processes.
The following are some your stockings may be stuffed with:
Successful vendors have a good telescope to see and interpret marketplace demands both subtle and not. In 2005, the security marketplace will see some big new product trends hit their stride.
The most visible one will be the merging of security and manageability. The relationship among configurations for computers and networks and security has long been like the chicken and the egg -- strong security requires a multitude of specific configuration attributes. Meanwhile, more sophisticated exploits, the explosion in wireless LANs, voice over IP and the emergence of utility computing are creating new vulnerabilities every day. All of this added security and infrastructure complexity must be simplified as much as possible to be implemented and managed at an affordable cost.
Enter the multifunction security appliance. You will find, under your tree, a shiny, new Swiss Army Knife-like security management system. Users want a common security architecture for both wired and wireless networks, so firewall, antivirus software, intrusion-detection systems, authentication, virtual private networks, access and authorization will be integrated with management tasks for bandwidth, devices and users (my apologies for innovations inadvertently left out of this list). In the wireless world, switch, access point and software vendors are piling on a smorgasbord of functionality. Next, storage will find a way to be added to the stew.
Two more trends were spawned by the growth in federated identities that hit prime time in 2004. The first is a product to automate the authentication bottleneck created as federated identity deployments scale to thousands of users. We're headed for any-to-any authentication complexity that will take the jolly away from Old St. Nick.
The interoperability framework being created by the Open Authentication Initiative (OATH) is producing a host of new functionality to simplify strong authentication. You will even see -- finally!
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!