Thursday, January 29, 2009

Give Up on Network Security Already!

The title is on half-farse... obviously I don't think network security is dying, or going away - but I bet I made you think for just a half-second!

I've been at a few "security vendor events" in the past few months and have noticed a disturbing trend towards peddling the same old you need to secure your network line which has me scratching my head. I've heard the folks from a number of different vendors (who shall go un-named) talk about how enterprises and SMBs alike need to protect their users and their assets at the network layer and buy better IPSes. Again, I'm scratching my head.

One of two things is true, either those vendors haven't noticed the mass of break-ins into the web applications that are online, or they simply don't have an answer and have decided to step up their campaign to get more money securing the wire.

Interestingly enough, with the HPS breach being malware-based... I wonder how many of these same vendors will extoll the wonders of an IPS and how it would have prevented this Heartland Payment Systems breach... although we all know IDS/IPS is like AntiVirus... you can only write signatures for things you know exist... so you're chasing old ghosts at best.

There's food for thought on a Thursday afternoon.

No comments: