Monday, July 25, 2005

Host-based IPS guards endpoints


NETWORK WORLD NEWSLETTER: NETWORKING TECHNOLOGY UPDATE
07/25/05

Dear security.world@gmail.com,

In this issue:

* New technology offers additional layer of protection against
  network threats
* Links related to Networking Technology Update
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Colubris Networks
5 Key Principles to Creating a Wireless LAN Plan. Download "The
New Wireless LAN Architecture" Special Report today.

Agility is the key to managing a successful Wireless LAN. In
the Special Report The New Wireless LAN Architecture, read how
you can create a plan based on 5 key principles. You will also
assess enhanced services while reviewing the primary business
and organizational trends that are driving this technology.
http://www.fattail.com/redir/redirect.asp?CID=108829
_______________________________________________________________
Each week, Network World columnists give you a larger
perspective, and help you make sense of the rapid changes in
networking by picking through the hype to find what really
matters to you and your enterprise. Network World would like to
offer you the leading source of dependable, accurate, timely
information you can rely on to make the best decisions - A FREE
SUBSCRIPTION to Network World Magazine - SUBSCRIBE TODAY AT:
http://www.fattail.com/redir/redirect.asp?CID=108928
_______________________________________________________________

Today's focus:

Host-based IPS guards endpoints

By Saman Amarasinghe

As network threats continue to grow in number and
sophistication, a new technology offers an additional layer of
protection. Host-based intrusion-prevention system (HIPS)
technology protects endpoints behind the network perimeter. It
combats infections and attacks at the device and server level of
a network, providing a layered approach that complements
investments in network-based IPS without relying on signatures
that require near-constant updates.

HIPS technology is extremely accurate. It works by enforcing a
set of basic software conventions that never changes called the
Application Binary Interface (ABI). The ABI sits one step beyond
the application program interface (API) and defines the API plus
the machine language for a particular CPU family. Because these
conventions are universal among compiled applications, it is
nearly impossible to hijack an application without violating the
ABI.

HIPS deployments generally involve two components, a series of
agents and a management and reporting interface. Installed on
servers, HIPS agents are designed to run indefinitely with
little or no administrative overhead, and prevent malicious code
that enters a machine from being executed without the need for a
check against threat signatures.

In practice, agents continually verify the validity of
application instructions by performing checks against their
origin, preventing unintended injected code from being executed.
They also catch malicious code masquerading as user data. In
addition, they perform checks on program control to ensure that
control transfer always conforms to the ABI. This prevents
applications from being tricked into handing over control to
external injected code. It also catches code-reuse attacks that
are emerging as the next generation of advanced attack
techniques worrying security professionals.

The HIPS management and reporting interface enables thousands of
agents to be deployed, managed and upgraded across an enterprise
network. The interface, which is often Web-based to provide
universal accessibility, allows network and security staff to
perform configuration changes, monitor alerts and view reports.
Many interfaces notify security professionals of issues via SMTP
or other alerts. The interface also is key for analyzing trend
reports, assigning users and roles according to policy, and
maintaining a comprehensive audit trail.

For more on how HIPS protects against network threats, please
see: <http://www.networkworld.com/nltechupdate3616>

The top 5: Today's most-read stories

1. Future-proof your network
<http://www.networkworld.com/nltechupdate3617>

2. City finds big savings in Linux
<http://www.networkworld.com/nltechupdate3618>

3. Appliances replace DNS, DHCP software
<http://www.networkworld.com/nltechupdate3619>

4. Life's rich in telecom... if you're a lawyer
<http://www.networkworld.com/nltechupdate3620>

5. The ROI of VoIP
<http://www.networkworld.com/nltechupdate3621>

Today's most forwarded story:

Microsoft to acquire FrontBridge for e-mail security
<http://www.networkworld.com/nltechupdate3622>______________________________
_________________________________
To contact: Saman Amarasinghe

Amarasinghe is CTO at Determina and an associate professor of
the Department of Electrical Engineering and Computer Science at
MIT. He can be reached at saman@determina.com
_______________________________________________________________
This newsletter is sponsored by Colubris Networks
5 Key Principles to Creating a Wireless LAN Plan. Download "The
New Wireless LAN Architecture" Special Report today.

Agility is the key to managing a successful Wireless LAN. In
the Special Report The New Wireless LAN Architecture, read how
you can create a plan based on 5 key principles. You will also
assess enhanced services while reviewing the primary business
and organizational trends that are driving this technology.
http://www.fattail.com/redir/redirect.asp?CID=108828
_______________________________________________________________
ARCHIVE LINKS

Technology Update archive:
http://www.networkworld.com/news/tech/index.html
_______________________________________________________________
EXCLUSIVE HOW-TO WEBCAST - Proactive Endpoint Security.

You can't have a winning endpoint security solution until you
can define it: Easy to deploy and manage, simple to use, minimal
user impact, real-time monitoring and notification, flexible
reporting and low total cost of ownership.
http://www.fattail.com/redir/redirect.asp?CID=108773
_______________________________________________________________
FEATURED READER RESOURCE

THE NEW DATA CENTER: SPOTLIGHT ON STORAGE

This Network World report takes a look at storage trends such as
virtualization, encryption and archiving. Here you will also
find seven tips for managing storage in the new data center, how
storage encryption can help ease the threat of identity theft,
why one exec believes its all about the information and more.
Click here:

<http://www.networkworld.com/supp/2005/ndc4/>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments:

Post a Comment