Wednesday, April 20, 2011

Reliance on tools versus knowledge

You can be dangerous with a hammer or a screwdriver if you don't know what you are doing. The analogy holds somewhat true when talking about security tools. No, you will not poke your eye out with an Intrusion Detection System, but you sure could open yourself to a mess of problems if you do not know how to configure an IDS or any security device correctly. One of the biggest dangers we Network Engineers face is a strong reliance on the tools we are provided without a lot of knowledge of how to properly implement them.

Here's an example: a client-based firewall installed on a desktop computer is enabled at the default setting and left alone. Now, some of the newer firewalls do have dummy rules in place that allow basic functions (e.g. web surfing, email). But suddenly the user can't get to the network share folder or print to a networked printer. The desktop is also open on quite a few unnecessary ports and protocols (e.g. the computer will never be used as a web server, but it's set up to operate that way). Our user then promptly disables the firewall so he can continue working. The security tool in question was not implemented properly.

Here's the good news: we security consultants are trained to use these tools properly. Just remember, we don't build around a solution; we build around a problem and then come up with approaches based on best security practices. A firewall, IDS, or authentication mechanism will only get you so far. Let's all strive to be better security practitioners and use the knowledge given to us to get the job done.

3 comments:

Sarah said...

Loving this blog. You are making this really simple for people to understand. Great job.

Matt said...

I also love this blog. But I'm sad that I've been checking back weekly since April 20th with no more updates!!

Kamran Ahmad, CISSP said...

Thank you guys! I'll post again. There's been so much in the news but I haven't quite been inspired yet.