Network Security Network Security Tough LoveTough Love

David StromDavid Strom

Sonicwall Sales MeetingSonicwall Sales Meeting

1/24/08 (new)1/24/08 (new)

Security industry Security industry trendstrends

ExploitsExploits aplenty aplenty Vista is Vista is no cure-allno cure-all, quite the , quite the contrarycontrary

NAC going NAC going nowherenowhere Managed servicesManaged services bonanza bonanza

Exploits aplentyExploits aplenty

Symantec, Trend, others show Symantec, Trend, others show that hackers are getter smarter that hackers are getter smarter and more sophisticatedand more sophisticated

The browser is still a security The browser is still a security sinkholesinkhole

IM and p2p vectors gaining IM and p2p vectors gaining prominenceprominence

Lots of Lots of zero-dayzero-day attacks and attacks and bot bot netsnets

It is so easy to secure XP It is so easy to secure XP – NOT!– NOT!

-install latest patches, and enable Windows Update-install latest patches, and enable Windows Update-disable file and print sharing, disable DCOM-disable file and print sharing, disable DCOM-turn off several Windows services-turn off several Windows services-use autoruns and msconfig to disable more stuff-use autoruns and msconfig to disable more stuff-disable extension hiding and file sharing in Explorer-disable extension hiding and file sharing in Explorer-secure IE, then install and use Firefox & noscript -secure IE, then install and use Firefox & noscript

pluginplugin-install a firewall-install a firewall-install antivirus, antispyware, and Security Task -install antivirus, antispyware, and Security Task

ManagerManager-install a new hosts file to block ads and malicious -install a new hosts file to block ads and malicious

sitessites-create and always use an unprivileged account-create and always use an unprivileged account-if my kids will be using the computer, then use -if my kids will be using the computer, then use

Microsoft's Software Restriction PoliciesMicrosoft's Software Restriction Policies

(from SANS Internet Storm Center diary 10/17/07)(from SANS Internet Storm Center diary 10/17/07)

Vista is no panaceaVista is no panacea

First off, First off, fewfew IT shops are buying IT shops are buying Built-in firewall Built-in firewall stillstill comes up comes up lackinglacking

SANS comments SANS comments aren’t thrillingaren’t thrilling Graphics resources required are Graphics resources required are immenseimmense

Why are we still dealing with Why are we still dealing with driver issuesdriver issues nearly one year nearly one year post-launch?post-launch?

NAC is nowhereNAC is nowhere

Cisco, Microsoft both Cisco, Microsoft both loserslosers Agents everywhere and no one Agents everywhere and no one wants anything to do with themwants anything to do with them

One hacked laptop can still One hacked laptop can still ruin an ruin an entire networkentire network

Major vendors are still on Major vendors are still on 11stst generationgeneration tools, just barely tools, just barely

The bonanza of managed The bonanza of managed servicesservices

Hyper-specializationHyper-specialization for different for different kinds of MSPskinds of MSPs

Every small city now has its own MSPEvery small city now has its own MSP Outsourced Outsourced everythingeverything: data centers, : data centers, applications, backup, servers, even applications, backup, servers, even virtual PBX’svirtual PBX’s

Get away from break/fix and box Get away from break/fix and box pushingpushing

Two words: Two words: recurring revenuerecurring revenue!!

Old sayingOld saying

To keep your children totally To keep your children totally safe: don't let them out at allsafe: don't let them out at all

To keep your systems safe, To keep your systems safe, don't do any business at alldon't do any business at all

Now, let’s talk the real world Now, let’s talk the real world and assess and manage our and assess and manage our networks networks

Parental tough loveParental tough love

When to say “When to say “nono”” Let your kids Let your kids make their ownmake their own mistakesmistakes

Facing Facing consequencesconsequences Blended families Blended families have special have special issuesissues

When to say noWhen to say no

How to block the wrong kinds of How to block the wrong kinds of traffic (exploits and viruses)traffic (exploits and viruses)

How to block evil things like How to block evil things like p2p and IMp2p and IM

When your clients are using the When your clients are using the wrong gear wrong gear

When yes really means noWhen yes really means no

Learning from one’s Learning from one’s mistakesmistakes

Understanding IDS and firewall Understanding IDS and firewall logslogs

Know when to Know when to outsourceoutsource your your securitysecurity

Know when Cisco and Juniper Know when Cisco and Juniper don’t have the right solutions don’t have the right solutions for your clientsfor your clients

One VAR’s product mixOne VAR’s product mix

Juniper for VPNsJuniper for VPNs Avaya for VOIPAvaya for VOIP Extreme for routers and Extreme for routers and switchesswitches

Why isn’t Why isn’t Sonicwall in this mixSonicwall in this mix??

Facing consequencesFacing consequences

Under-powered firewallsUnder-powered firewalls Under-funded IT supportUnder-funded IT support Virtualization can open up Virtualization can open up security loopholessecurity loopholes

Blended family issuesBlended family issues

M&A doesn’t always work outM&A doesn’t always work out Cisco is still on a Cisco is still on a buying bingebuying binge

Aventail now part of our family Aventail now part of our family ((but a distant cousin stillbut a distant cousin still))

Even Even HPHP is buying security is buying security companies!companies!

More blended families: More blended families: the user perspectivethe user perspective

Merged IT systems means a lot Merged IT systems means a lot of finger-pointingof finger-pointing

Which alpha male dominates when Which alpha male dominates when it comes to security systems?it comes to security systems?

The user just wants to get his The user just wants to get his work done!work done!

So how does this So how does this translate?translate?

Learn how to Learn how to listenlisten to your to your customerscustomers

Treat them as Treat them as adultsadults even when even when they act as kidsthey act as kids

Don’t assume that Don’t assume that security by security by obscurityobscurity will keep working for will keep working for youyou

My potential Sonicwall My potential Sonicwall threatsthreats

LinksysLinksys will finally take hold will finally take hold of business marketsof business markets

SymantecSymantec will figure out how to will figure out how to sell security hardwaresell security hardware

MicrosoftMicrosoft will release a secure will release a secure version of Windowsversion of Windows

JuniperJuniper will integrate Netscreen will integrate Netscreen and Neoteris and become the NAC and Neoteris and become the NAC championchampion