What's Needed
Based on the characteristics of intruder behavior and typical attacks, it's clear that an effective
security solution must counter the key vulnerabilities of the corporate network. Additionally, the
issues of network implementation and maintenance must be addressed.
More than Perimeter Protection
The most popular types of security devices — firewalls, authentication devices, and system
wrappers — are focused on protecting the entryway into a corporate network. While effective,
perimeter protection alone is not adequate, due to its inability to detect attacks that originate
from within the walls or succeed in vaulting over them.
Reducing Damage-time
The hacker time line proved it — time is the most valuable asset to someone launching a network
attack. Given enough time, a determined hacker can penetrate any system, regardless of the security.
In order to reduce the risks of damage, it's imperative that a security system operate in real time;
this allows it to detect and warn against an intrusion within seconds of occurrence, and shut the
window of vulnerability as soon as possible.
Ready Response
Real-time detection can be followed up with real-time response. By automatically stopping the intruder
at the time of attack, the system disables the intruder and blocks access to corporate assets.
Protection Against Insider Jobs
Recent studies estimate that 50% to 80% of intrusions originate from the inside. More disturbing is
the fact that these internal attacks are the most damaging. The disgruntled worker with inside
knowledge and adverse motives, the outsider who becomes an insider via an unauthorized modem on a
workplace desktop: these are the real threats to corporate data because they have direct access to
vital information.
Flexibility, Scalability, and Transparency
Any security system will need to be installed, maintained and updated. These costs are as real as the
costs associated with a potential loss, and should be considered in the choice of technology.
| 
Table of Contents
