Network Access Control - a Necessity as the “Doorman” Approach to Network Security Fails to Protect Enterprises from Costly Intrusions
A growing need for Network Access Control is revealed through a recent survey of Chief Security Officers conducted by Vernier Networks - Despite growing security budgets intrusions continue.
Mountain View, CA, July 07, 2005 --(PR.com)-- With network security in the spotlight due to recent data breaches, Vernier Networks, developer of the industry’s only clientless network access management products, recently surveyed top enterprise and government security executives about their approaches to network security and budget trends. More than 140 chief security officers (CSOs) and security executives responded to the survey during a nationwide seminar series conducted by Vernier Networks and Qualys. Survey findings highlight the need for tighter user network access control and continued concern about security threats and patching, despite increased security budgets.
The most surprising results found that 51 percent of chief security officers acknowledged relying on a “doorman” approach to internal network security, regulating network access control by admitting users at the network edge. This approach gives users full, unmonitored access to the network and servers containing corporate data, customer information and other vital intellectual property, once they get past endpoint security, or the “doorman.”
36 percent rely on a “VIP Entrance” approach to network access control, which identifies users and “accompanies” them around the network to ensure they do not access unauthorized areas. 13 percent admit to a “revolving door” approach – with users coming on and off the network as they please. The results revealed that relying solely on a “doorman” approach, which does not monitor behavior once a user has accessed the network, is not proving sufficient. 62 percent of CSOs acknowledged that their organizations faced intrusions from internal sources - those who were granted access by the “doorman.”
Approach to Regulating Network Access
“It has become clear that security around the network perimeter, while essential, is not sufficient to rid organizations from costly intrusions such as last week’s attacks on credit card processing centers and commercial banks,” said Simon Khalaf, president and CEO of Vernier Networks. “Our survey results indicate the immediate need to offer security within the fabric of the network and completely manage access to the network through pre-emptive, proactive and reactive security.”
88 percent of CSOs felt that tighter user access rights would improve overall network security - either restricting network access or even authorizing network access but applying reactive security measures when intrusions occur. 52 percent of respondents do not currently track new systems that enter the network. However, 62 percent plan on implementing a system process to track systems entering the network within the next year. This indicates that many CSOs recognize the correlation between not tracking devices admitted to the network and internal security breaches.
A tremendous number of CSOs resisted the concept of quarantining “unpatched” devices until they are patched - 64 percent of respondents quarantine less than 10 percent of these unpatched devices despite professional security and network equipment vendors’ advice to quarantine them. Only 13 percent of surveyed CSOs quarantine devices until they comply with corporate security policies.
Other interesting findings include:
Reacting to a breach – Mixed approaches provide varying results
When asked about approaches to addressing internal security threats, 57 percent of respondents felt their approach was akin to San Quentin – locking down sections of the network as soon as there is a disruption. 24 percent likened their approach to a hospital – shutting down entire networks as soon as there is an outbreak. Only 13 percent said their approach to internal threats is like a personal bodyguard – monitoring each individual on the network and quarantining and blocking immediately. The remaining 5 percent consider their approach to be much like a riot – chaos with no clear direction when there are outbreaks.
Approach on Security Against Intrusions, Worms and Viruses Originating from Within the Network
Patching vulnerable systems is still a chore
69 percent of security execs said that worms, viruses and hackers are still their primary network security concern. The survey found that 49 percent patch externally facing servers within one week or less and 29 percent patch within two weeks. With respect to patching internal servers and desktops, 38 percent of security officers take one week or less, while 49 percent take between two weeks and a month to patch internal systems and desktops.
Patching Vulnerable Systems
• On average, how long does it take to patch externally facing servers?
• On average, how long does it take to patch internal servers and desktops?
Continued network security intrusions drive bigger budgets
In addition, survey results uncovered that security budgets are up in 2005 and that CSOs are continuing to take a best of breed approach to security purchases. Over 63 percent of CSOs indicated an increase in their budget with 12 percent indicating a “dramatic” increase. Only 7 percent of respondents indicated a decrease in budgets while 30 percent indicated a flat year-over-year budget for security. When asked about products and vendors needed to defend against internal network intrusions more than 76 percent indicated that between 2 and 5 solutions might be needed.
The survey was conducted during a recent CSO Breakfast Seminar series sponsored by Qualys and Vernier Networks featuring Gartner, addressing best practice approaches to ensuring network integrity. The series discussed the tenants of enterprise security and looked at real-world implementations of network access control and vulnerability management.
Vernier Networks
Vernier Networks offers the industry’s only clientless network access management products that enable enterprises to assure business continuity. Deployed at the network edge, Vernier’s award-winning EdgeWall security appliance defends against intrusions and attacks on the network by screening users and devices, restricting access, inspecting traffic for worms and viruses, and enforcing access policy. Headquartered in Mountain View, Calif., Vernier is a privately held company and can be found on the Web at www.verniernetworks.com.
###
Press Contact:
Cathy Summers
SHIFT Communications
(415) 591-8415
The most surprising results found that 51 percent of chief security officers acknowledged relying on a “doorman” approach to internal network security, regulating network access control by admitting users at the network edge. This approach gives users full, unmonitored access to the network and servers containing corporate data, customer information and other vital intellectual property, once they get past endpoint security, or the “doorman.”
36 percent rely on a “VIP Entrance” approach to network access control, which identifies users and “accompanies” them around the network to ensure they do not access unauthorized areas. 13 percent admit to a “revolving door” approach – with users coming on and off the network as they please. The results revealed that relying solely on a “doorman” approach, which does not monitor behavior once a user has accessed the network, is not proving sufficient. 62 percent of CSOs acknowledged that their organizations faced intrusions from internal sources - those who were granted access by the “doorman.”
Approach to Regulating Network Access
“It has become clear that security around the network perimeter, while essential, is not sufficient to rid organizations from costly intrusions such as last week’s attacks on credit card processing centers and commercial banks,” said Simon Khalaf, president and CEO of Vernier Networks. “Our survey results indicate the immediate need to offer security within the fabric of the network and completely manage access to the network through pre-emptive, proactive and reactive security.”
88 percent of CSOs felt that tighter user access rights would improve overall network security - either restricting network access or even authorizing network access but applying reactive security measures when intrusions occur. 52 percent of respondents do not currently track new systems that enter the network. However, 62 percent plan on implementing a system process to track systems entering the network within the next year. This indicates that many CSOs recognize the correlation between not tracking devices admitted to the network and internal security breaches.
A tremendous number of CSOs resisted the concept of quarantining “unpatched” devices until they are patched - 64 percent of respondents quarantine less than 10 percent of these unpatched devices despite professional security and network equipment vendors’ advice to quarantine them. Only 13 percent of surveyed CSOs quarantine devices until they comply with corporate security policies.
Other interesting findings include:
Reacting to a breach – Mixed approaches provide varying results
When asked about approaches to addressing internal security threats, 57 percent of respondents felt their approach was akin to San Quentin – locking down sections of the network as soon as there is a disruption. 24 percent likened their approach to a hospital – shutting down entire networks as soon as there is an outbreak. Only 13 percent said their approach to internal threats is like a personal bodyguard – monitoring each individual on the network and quarantining and blocking immediately. The remaining 5 percent consider their approach to be much like a riot – chaos with no clear direction when there are outbreaks.
Approach on Security Against Intrusions, Worms and Viruses Originating from Within the Network
Patching vulnerable systems is still a chore
69 percent of security execs said that worms, viruses and hackers are still their primary network security concern. The survey found that 49 percent patch externally facing servers within one week or less and 29 percent patch within two weeks. With respect to patching internal servers and desktops, 38 percent of security officers take one week or less, while 49 percent take between two weeks and a month to patch internal systems and desktops.
Patching Vulnerable Systems
• On average, how long does it take to patch externally facing servers?
• On average, how long does it take to patch internal servers and desktops?
Continued network security intrusions drive bigger budgets
In addition, survey results uncovered that security budgets are up in 2005 and that CSOs are continuing to take a best of breed approach to security purchases. Over 63 percent of CSOs indicated an increase in their budget with 12 percent indicating a “dramatic” increase. Only 7 percent of respondents indicated a decrease in budgets while 30 percent indicated a flat year-over-year budget for security. When asked about products and vendors needed to defend against internal network intrusions more than 76 percent indicated that between 2 and 5 solutions might be needed.
The survey was conducted during a recent CSO Breakfast Seminar series sponsored by Qualys and Vernier Networks featuring Gartner, addressing best practice approaches to ensuring network integrity. The series discussed the tenants of enterprise security and looked at real-world implementations of network access control and vulnerability management.
Vernier Networks
Vernier Networks offers the industry’s only clientless network access management products that enable enterprises to assure business continuity. Deployed at the network edge, Vernier’s award-winning EdgeWall security appliance defends against intrusions and attacks on the network by screening users and devices, restricting access, inspecting traffic for worms and viruses, and enforcing access policy. Headquartered in Mountain View, Calif., Vernier is a privately held company and can be found on the Web at www.verniernetworks.com.
###
Press Contact:
Cathy Summers
SHIFT Communications
(415) 591-8415
Categories