Search This Blog

Tuesday, August 02, 2005

How endpoint security works


NETWORK WORLD NEWSLETTER: TIM GREENE ON VPNS
08/02/05
Today's focus: How endpoint security works

Dear security.world@gmail.com,

In this issue:

* About endpoint security
* Links related to VPNs
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Avocent
Network World Executive Guide: Security Evolves. Automation,
specialized 'ops centers' and more.

For network security professionals, keeping a safe distance
ahead of the worst the bad guys have to offer is a never-ending
race. This guide is designed to help with a collection of news,
analysis and product test reviews for practical how-to advice on
subjects ranging from patch management and spyware to promises
and risks of automated security services.
http://www.fattail.com/redir/redirect.asp?CID=109205
_______________________________________________________________
CYBERSLACKING - IT COSTS

To the tune of $178 billion annually, according to a recent
study. Employees, at work, are reading the news, checking
personal e-mail, conducting online banking, travel and shopping
more than you might realize. How much time? Click here for more:
http://www.fattail.com/redir/redirect.asp?CID=109054
_______________________________________________________________

Today's focus: How endpoint security works

By Tim Greene

If you are interested in using VPNs nowadays, you should also be
interested in using endpoint security.

This software sits on remote machines that are trying to access
the VPN and checks whether the device meets security policies
for the company that set up the VPN. If not, access is denied.
Some vendors' software refers remote users to a separate
remediation Web site where they can get what their machine needs
to comply. Other vendors would say the machine has failed and to
contact a network administrator for further instructions.

Either way, machines that have unpatched operating systems,
virus scanning software that's turned off or not updated, a
misconfigured firewall or no firewall turned on or a list of
other shortcomings don't get access.

The threat is that if an insecure machine does gain access, it
might be commandeered and then the entire network is opened up
to the hacker. This is particularly true of IPSec VPNs that open
up a network layer connection to the network, giving users the
same access as if their computer were connected via a Category 5
cable.

With SSL VPNs the threat can be mitigated by access controls on
what resources each user is allowed to reach, but endpoint
security should be used when employing downloadable agents
offered by some vendors that open up network layer connections.

While much of the attraction of SSL VPNs is that they require no
client software, that is true only when granting access to
non-critical network resources. If access to sensitive data is
required, endpoint-checking software - a client - will be
needed. Seems you can't get around it, but it's worth it.

The top 5: Today's most-read stories

1. Cisco vulnerability posted to Internet
<http://www.networkworld.com/nlvpn4287>

2. Router flaw sparks battle
<http://www.networkworld.com/news/2005/080105-blackhat.html>

3. Researcher at center of Cisco router-exploit controversy
speaks out <http://www.networkworld.com/nlvpn4289>

4. Black Hat event highlights RFID and VoIP security threats
<http://www.networkworld.com/news/2005/080105-blackhat-side.html>

5. Cisco nixes conference session on hacking IOS router code
<http://www.networkworld.com/nlvpn4037>
_______________________________________________________________
To contact: Tim Greene

Tim Greene is a senior editor at Network World, covering virtual
private networking gear, remote access, core switching and local
phone companies. You can reach him at <mailto:tgreene@nww.com>.
_______________________________________________________________
This newsletter is sponsored by Avocent
Network World Executive Guide: Security Evolves. Automation,
specialized 'ops centers' and more.

For network security professionals, keeping a safe distance
ahead of the worst the bad guys have to offer is a never-ending
race. This guide is designed to help with a collection of news,
analysis and product test reviews for practical how-to advice on
subjects ranging from patch management and spyware to promises
and risks of automated security services.
http://www.fattail.com/redir/redirect.asp?CID=109204
_______________________________________________________________
ARCHIVE LINKS

Breaking VPN news from Network World, updated daily:
http://www.networkworld.com/topics/firewalls.html

Archive of the VPN newsletter:
http://www.networkworld.com/newsletters/vpn/index.html
_______________________________________________________________
Trends affecting WAN in powerful ways - Webcast Explains

A panel of experts will help you understand the principles of
the Adaptive WAN and how it can help you proactively address the
challenges emerging in your evolving enterprise IT architecture.
http://www.fattail.com/redir/redirect.asp?CID=109113
_______________________________________________________________
FEATURED READER RESOURCE
SIX TIPS FOR GETTING WHAT YOU DESERVE

Before you go in for your next annual review or promotion
interview, you would be wise to consider these tips for ensuring
you've got the right stuff to move ahead. Network executives
offer advice to help you gun for that next promotion and fatten
up your paycheck. Click here:
<http://www.networkworld.com/you/2005/072505-salary-side2.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments: