Network Access Control - a Necessity as the “Doorman” Approach to Network Security Fails to Protect Enterprises from Costly Intrusions
A growing need for Network Access Control is revealed through a recent survey of Chief Security Officers conducted by Vernier Networks. Despite growing security budgets, intrusions continue.
Mountain View, Calif. (PRWEB) June 30, 2005 -- With network security in the
spotlight due to recent data breaches, Vernier Networks (http://www.verniernetworks.com), developer of the industry’s
only clientless network access management products, recently surveyed top
enterprise and government security executives about their approaches to network
security and budget trends. More than 140 chief security officers (CSOs) and
security executives responded to the survey during a nationwide seminar series
conducted by Vernier Networks and Qualys. Survey findings highlight the need for
tighter user network access control and continued concern about security threats
and patching, despite increased security budgets.
The most surprising results found that 51 percent of chief security officers acknowledged relying on
a “doorman” approach to internal network security, regulating network access
control by admitting users at the network edge. This approach gives users full,
unmonitored access to the network and servers containing corporate data,
customer information and other vital intellectual property, once they get past
endpoint security, or the “doorman.”
36 percent rely on a “VIP Entrance”
approach to network access control, which identifies users and “accompanies”
them around the network to ensure they do not access unauthorized areas. 13
percent admit to a “revolving door” approach – with users coming on and off the
network as they please. The results revealed that relying solely on a “doorman”
approach, which does not monitor behavior once a user has accessed the network,
is not proving sufficient. 62 percent of CSOs acknowledged that their
organizations faced intrusions from internal sources - those who were granted
access by the “doorman.”
[Chart: Approach to Regulating Network Access]
“It has become clear that security around the network perimeter, while essential, is
not sufficient to rid organizations from costly intrusions such as last week’s
attacks on credit card processing centers and commercial banks,” said Simon
Khalaf, president and CEO of Vernier Networks. “Our survey results indicate the
immediate need to offer security within the fabric of the network and completely
manage access to the network through pre-emptive, proactive and reactive
security.”
88 percent of CSOs felt that tighter user access rights would
improve overall network security - either restricting network access or even
authorizing network access but applying reactive security measures when
intrusions occur. 52 percent of respondents do not currently track new systems
that enter the network. However, 62 percent plan on implementing a system
process to track systems entering the network within the next year. This
indicates that many CSOs recognize the correlation between not tracking devices
admitted to the network and internal security breaches.
A tremendous number of CSOs resisted the concept of quarantining “unpatched” devices until
they are patched - 64 percent of respondents quarantine less than 10 percent of
these unpatched devices despite professional security and network equipment
vendors’ advice to quarantine them. Only 13 percent of surveyed CSOs quarantine
devices until they comply with corporate security policies.
Other interesting findings include:
Reacting to a breach – Mixed approaches provide varying results
When asked about approaches to addressing internal
security threats, 57 percent of respondents felt their approach was akin to San
Quentin – locking down sections of the network as soon as there is a disruption.
24 percent likened their approach to a hospital – shutting down entire networks
as soon as there is an outbreak. Only 13 percent said their approach to internal
threats is like a personal bodyguard – monitoring each individual on the network
and quarantining and blocking immediately. The remaining 5 percent consider
their approach to be much like a riot – chaos with no clear direction when there
are outbreaks.
[Chart: Approach on Security Against Intrusions, Worms and Viruses Originating from Within the Network]
Patching vulnerable systems is still a chore
69 percent of security execs said that worms, viruses and hackers are
still their primary network security concern. The survey found that 49 percent
patch externally facing servers within one week or less and 29 percent patch
within two weeks. With respect to patching internal servers and desktops, 38
percent of security officers take one week or less, while 49 percent take
between two weeks and a month to patch internal systems and
desktops.
[Chart: Patching Vulnerable Systems. Panels: "On average, how long does it take to patch externally facing servers?" and "On average, how long does it take to patch internal servers and desktops?"]
Continued network security intrusions drive bigger budgets
In addition, survey results uncovered that
security budgets are up in 2005 and that CSOs are continuing to take a best-of-breed
approach to security purchases. Over 63 percent of CSOs indicated an
increase in their budget with 12 percent indicating a “dramatic” increase. Only
7 percent of respondents indicated a decrease in budgets while 30 percent
indicated a flat year-over-year budget for security. When asked about products
and vendors needed to defend against internal network intrusions, more than 76
percent indicated that between 2 and 5 solutions might be needed.
The survey was conducted during a recent CSO Breakfast Seminar series sponsored by
Qualys and Vernier Networks featuring Gartner, addressing best practice
approaches to ensuring network integrity. The series discussed the tenets of
enterprise security and looked at real-world implementations of network access
control and vulnerability management.
Vernier Networks
Vernier Networks offers the industry’s only clientless network access management
products that enable enterprises to assure business continuity. Deployed at the
network edge, Vernier’s award-winning EdgeWall security appliance defends
against intrusions and attacks on the network by screening users and devices,
restricting access, inspecting traffic for worms and viruses, and enforcing
access policy. Headquartered in Mountain View, Calif., Vernier is a privately
held company and can be found on the Web at www.verniernetworks.com.
Press Contact:
Cathy Summers
SHIFT Communications
(415) 591-8415
# # #
Source : http://www.prweb.com/releases/2005/6/prweb256903.htm