Now Available:

Featured Resource:

line

Realtime Communities

line

Newsletter

Email Address:


line

Monthly Archives

line

RSS

line

Ask the Expert

Have a question for our resident expert? Email your questions to Greg.

« Ghost Gave my IT Career a Jump-Start... | Main | VM-in-a-VM: VMware Workstation 6 Now Supports ESX as a Hosted Virtual Machine »

Server Security and Shielding Technologies

In the world of security, we really are getting to the point where patch management really just isn't enough. The concept of "server shielding" is new, so many people are suspect. But as an in-line device between the server and its network connection, a server shield can prevent system exploit without needing to change the codebase on the machine (like patching does).

My buddy Greg Ness over at BlueLane posted a pretty interesting breakdown of the state of server security and how the threat of polymorphism in attacks is driving the need for a change in how we deal with threats. Not the least of which, the speed in which we need to implement compensating technologies increases.

The conclusion to Greg's article says...

...Critical enterprise servers are more vulnerable than ever, facing exponential increases in attacks at a time when traditional perimeter security appliances have failed to address their unique availability, accuracy and coverage requirements. The result: operational costs for effective server security are skyrocketing as increasingly profit-minded hackers continue to innovate. Large enterprises with deep IT pockets have insulated themselves from the short term risks by throwing resources and alarms at the problem while more frugal organizations are accepting longer server vulnerability windows.

That status quo simply cannot continue. IT needs specialized server security appliances that co-exist with their other layers of protection. Blocking and tackling of suspicious traffic when it comes to servers is not acceptable. The limited protocol fluency offered by older security appliances is a (no pun intended) token effort. It’s time for the emergence of server vulnerability shields that offer high availability and accuracy and low latency.

Even though he's trying to sell you a product that does just that, his arguments make sense from a macroeconomic standpoint. We as systems administrators need to start looking beyond simple patch management.

Read the whole article at:
http://alwayson.goingon.com/permalink/post/14840

Tags:          
 Email This!  Digg it!  Sphere it!  Del.icio.us  Reddit!  Newsvine

Posted by Greg Shields on June 21, 2007 12:30 AM |

TrackBack

TrackBack URL for this entry:
http://www.realtime-windowsserver.com/type/mt-tb.cgi/220

Post a comment

(All comments are approved by site leader before appearing here. Thanks for commenting!)

Search

line

Most Active Posts

line

Library Resources

line
line

Recent Posts

line

Categories

line

Greg Shields' Bio:

Greg Shields, is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008:  What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets.  Greg is a recipient of Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.