Layer up for security, say RSA experts

By on

A panel of network security experts have warned administrators to steer clear of so-called 'magic bullet' offerings.

The group spoke to a crowd at this week's RSA conference on the virtues of using multiple security solutions and pursuing a 'defence in depth' philosophy for securing their networks.

The system calls for adding multiple levels of security throughout the network, both to prevent intrusion and secure data within the network. Rather than relying on one suite of products on one box to provide total security, the panel advised administrators to pursue multiple 'best of breed' products and secure multiple avenues for attack.

For panellist Bob Pratt, head of product management for ArcSight, the term 'defense in depth' applies not only to a company's hardware choice, but also its philosophy towards administration and management of IT.

"It is not just buying six products and layering them one of top of the other," said Pratt.

"It is not having one guy who administers every single security product in the company, you have two security products, why not have two different sets of administrators."

Several of the panellists likened the approach to that of a bank vault, where multiple security measures and procedures are put in place to safeguard the money in addition to the vault itself.

The panel also warned against relying simply on front-end security and intrusion prevention systems. Metronome director of product management Daniel Proch described the approach as "M&M security" in reference to the hard-shelled candy.

"It is a hard outer shell they think, but with a really soft middle," Proch explained.

"They are not patching back-end systems, they are relying on the boxes on the outside to stop everything."

In general, the panel agreed that in order to better prevent attacks and intrusions, businesses needed to communicate better. Panellist and Tenable Network Security chief executive Ron Gula suggested that enterprises follow the lead any financial institutions have begun to take and share certain attack details within the industry.

"We need to be a little bit more reactive," said Gula.

"You can put that [information] into your environment and get a good idea about how other people like you are getting attacked."

Copyright ©

Most Read Articles

Most popular tech stories

Log In

|  Forgot your password?