What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-11-15 07:50:00 | Goodbye, NAC. Hello, software-defined perimeter (lien direct) | Those of us who've been around security technology for a while will remember the prodigious rise of network access control (NAC) around 2006. Now, the ideas around NAC had been around for several years beforehand, but 2006 gave us Cisco's network admission control (aka Cisco NAC), Microsoft's network access protection (NAP) and then a whole bunch of venture-backed NAC startups (ConSentry, Lockdown Networks, Mirage Networks, etc.).There were lots of reasons why the industry was gaga over NAC at the time, but it really came down to two major factors: Broad adoption of WLANs. In 2006, wireless networking based upon 802.11 was transforming from a novelty to the preferred technology for network access. I also believe laptop sales first overtook desktop computer sales around this same timeframe, so mobility was becoming an IT staple as well. Many organizations wanted a combination of NAC and 802.1X so they could implement access policies and monitor who was accessing the network. A wave of internet worms. The early 2000s produced a steady progression of internet worms, including Code Red (2001), Nimda (2001), SQL Slammer (2003), Blaster (2003), Bagel (2004), Sasser (2004), Zotob (2005), etc. These worms could easily spread across an entire enterprise network from a single PC as soon as a user logged on. NAC was seen as a solution to this problem by providing point-to-point PC inspection and authentication over Layer 2 before systems were granted Layer 3 network access. NAC really was a good idea, but the space was over invested and many of the products were difficult to deploy and manage. As a result, NAC enthusiasm faded, although NAC deployment was making slow but steady progress. As NAC became a niche product, it lost its panache. Heck, my friends at Gartner even killed the NAC MQ when there were few vendors left and not much to write about.To read this article in full or to leave a comment, please click here | APT 15 | ||
|
2016-11-14 11:12:00 | Your security mirages (lien direct) | Yes, I was hit last week. Forensics are in progress. I got doxxed, too.It has made me realize that most of systems security is an illusion. Here are my favorite alternate realities:1. Everything is safe behind the firewall.Ever heard of UBFWI-as in User's Been Fooling With It? While IPD/IPS and firewall networked-technology has improved so vastly, there's nothing like a user with an infected laptop to bring in a lulu.2. Obscure operating systems never get hit. Hackers only go for the gold with Windows.Here, let me laugh out loud and roll on the floor. Mine was an obscure server version on an obscure branch of an obscure BSD limb. Listen to the sound of lunch getting eaten: mine. Chomp, chomp, burp.To read this article in full or to leave a comment, please click here | APT 15 |
1
We have: 2 articles.
We have: 2 articles.
To see everything:
Our RSS (filtrered)
