Overview

And unlike the traditional challenges of network management, this new issue often catches the network professional in a state of inadequate preparation, without the resources, training or expertise born of years dealing with security issues.

The good news is that there are ways to bridge the gap. Due largely to Internet growth, security issues have recently been pushed front and center, with security-related products, software, and awareness increasing rapidly.

This paper will help to provide a basic understanding of network security by focusing on the primary distinction among security technologies: static (preventative) versus active, real-time security. The distinction is an important one. While static devices such as firewalls can offer a measure of protection, their passive nature belies the burdens — in cost, maintenance and performance — that they place on the network. More importantly, their inability to function in real-time — to detect an intrusion within seconds of its occurrence — fails to adequately counter the key intruder asset, that is, the time to get in, reconnoiter and ultimately do damage to a corporate network.

With an understanding of the critical ability to detect and contain an attack as soon as possible, a network professional is better prepared to make the decisions about how to best protect corporate assets given the available resources and budget.