Enhancing Network Security

Network security consumes a great deal of my thinking and planning. A cursory read of the headlines confirms why this should be the case for many of us. Just in recent months, Target, Neiman Marcus and the University of Maryland have all suffered damaging cyberattacks. While those engaging in Monday-morning quarterbacking might be inclined to suggest otherwise, these organizations are by no means slackers. Securing our respective organizations is a matter of knowledge and skill, significant resource availability, institutional consensus regarding acceptable risk, and, all too often — simple dumb luck.

That said, taking as much luck as possible out of the equation by being highly prepared is infinitely preferable. Today, the cyberwar escalates for all of us. In response, this requires that we take our cybersecurity capabilities to the next level.

Effective network security is a specialized endeavor. Anyone who feels otherwise is foolish or dangerously uninformed. Critical to note is that network security is a relative, and not an absolute, state. The greater the security pursued, the more expensive it becomes, rather quickly. For this reason, there must be a point of reasonableness concerning how much risk any organization is willing to accept, because resources are not limitless.

The approach traditionally practiced has been to keep threats outside the network from ever getting inside. This is done in a number of ways, including firewalls. These are largely outward-looking devices designed to identify external threats and keep them from penetrating our networks and subsequently attacking users and critical assets. Other measures operating external and internal to the network help support this approach, including malware protection that counters viruses, worms and similar threats. To be clear, this approach is almost fully dependent upon the additive ability of the measures deployed to keep cyberthreats out, or at least controlled. What happens when this fails and an active agent manages to breach our defensive perimeters or is intentionally introduced?

Intrusion Detection Systems

A higher level of defense involves intrusion detection systems (IDSs). These are installed on the inside of networks to listen to internal network traffic, identify possible threats and issue warnings and alerts. IDSs have been around for a while, and are considered security enhancements. But IDSs are not cheap with regard to acquisition and deployment. They are frequently deployed in business environments, as well as others where the return-on-investment (ROI) can be justified.

While considered good additions, there are shortcomings with IDSs. By their nature, they are passive devices that listen, detect and issue alerts; they do nothing to counter an attack. In addition, IDSs are only as good as the intelligence built into them concerning how to detect possible threats, particularly when those threats are constantly changing and evolving. Finally, IDSs by their nature report historically, on events that have already occurred. It is conceivable that the speed of an attack could be so great that even if it were detected, it might be over before action could be taken.

Intrusion Protection Systems

A far better approach involves intrusion protection systems (IPSs). IPSs are considered an evolutionary advance beyond IDSs because they are active devices that are designed to not only detect threats, but to automatically take action to counter them. The best IPSs have highly sophisticated algorithms for identifying possible threats. To be most effective, these systems listen to network traffic to detect messages that are unusual and potentially malicious, as revealed by known signatures or heuristic patterns. When detected, IPSs can take many actions. These can include quarantining traffic, blocking originating addresses and cessation of connections to high-value assets within the network. Clearly, a system capable of actually detecting and neutralizing a threat is a much better investment than one that simply issues warnings.

Numerous companies provide IDS and IPS solutions. These include Cisco, Juniper, CheckPoint, Palo Alto, Gigamon, IBM, Sourcefire and TippingPoint, among others. Even if your organization determines to pursue an escalated security posture, selecting the product that best fits needs, goals and budget is a substantive undertaking. And implementation is only the first step. Having a well-trained staff capable of performing at a heightened level and interacting with specialized systems is a fundamental component of a full solution.

We live in an age with growing threats to our digital security. How much to spend on achieving a desired level of security is a question we must all face. The threat level is only increasing, and no one should feel that “it can’t happen to me.” There is no magic bullet that buys such security; only a comprehensive response can be effective. Perhaps most sobering is that fact that no one really knows how much network security they need... until the day after they needed it.

This article originally appeared in the issue of .

About the Author

David W. Dodd is vice president of Information Technology and CIO at the Stevens Institute of Technology in Hoboken, NJ. He can be reached at 201/216-5491 or [email protected].

Featured

  • Case Study Highlights Texas District’s Campus Security Upgrades

    The Taft Independent School District near Corpus Christi, Texas, recently partnered with Intech Southwest Services to revamp its campus security technology system, according to a news release. Intech has released a case study on its website detailing the process that advanced the district’s technology by more than 20 years in less than three weeks.

  • Ancient Resilience: How Indigenous Intelligence Shapes the 4Roots Education Building

    As climate change intensifies, educational spaces must evolve beyond basic sustainability toward true resilience – we must design environments that can adapt, respond, and thrive amid shifting, and intensifying, climate hazards. Drawing on indigenous wisdom and nature-based strategies, integrating resilient design offers a path to create learning environments that are not only functional but deeply in tune with their natural surroundings.

  • Agualta STEAM Engine

    Outdoor Learning Spaces and Biophilic Design Create Community in East Los Angeles

    Griffith STEAM Magnet Middle School's Agualta STEAM Engine blends education, community, and nature through its adaptable design.

  • K–12 Safety Trends Report Reveals Reliance on Training, Technology

    Wearable safety technology provider CENTEGIX recently released its 2025 School Safety Trends Report, according to a news release. The report is based on more than 265,000 incidents during the 2024–25 school year as reported through the CENTEGIX Safety Platform, used by more than 800 school districts across the U.S.

Digital Edition