The New Security: Many Threats Many Solutions

摘要

In today's era of perimeter-invading worms, malicious e-mails that don't rely on attachments, and tenacious spyware, safeguarding the enterprise demands a security framework that marshals a more sophisticated combination of technologies. A traditional firewall and an up-to-date virus scanner may no longer be enough. But what is enough, exactly? Getting a handle on which solutions to deploy — and where — has become increasingly difficult, as emerging technologies have begun to overlap and functionalities have merged. For example, if your new firewall can block application-layer threats, do you need an intrusion detection system? Should you choose a rules-based IDS, or one that uses anomaly detection to flag zero-day attacks? And when should you consider host-based security measures, or a specialized application security solution?