InfoSec – the final curtain

Written By:
Published:
Content Copyright © 2007 Bloor. All Rights Reserved.
Also posted on: Nigel Stanley

So today was the last day of InfoSec, and the last round of briefings.

Deploying software patches, managing viruses, controlling data leaks and all the other associated security jobs that we need to do place a heavy burden on administrators and technicians. One tool that provides an interesting approach to solving this problem is BigFix (www.bigfix.com). Having invested a lot of effort into building an agent based infrastructure they are able to provide a firm foundation that can be used to address just this problem. As new operational requirements come on board, such as the drive to conserve power, BigFix can use their infrastructure to control remote PCs and tell them to power down as appropriate.

But what if you don’t even know the scale of your network?

Over 500 endpoints and the chances are that you will not have much idea where or what everything is. Scale this up to a network with tens of thousands of users and your network topology will be huge.

There is no way that the network administrator could be assured that they have no leaky end points or inter-network connections that have passed them by.

This is where Lumeta (www.lumeta.com) come into play. Having emerged from Bell labs in 2000, they work with a number of large network users, many in US government and defense, to monitor an organisation’s network topology.

Why would you bother? Obvious reasons would be due diligence, compliance and assurance. How on earth can you say your network is secure if you don’t know precisely how many endpoints there are? Many networks have unknown IP addresses lurking in the system that remain hidden for years? Every one of these is a security risk.

At least with a product such as IPsonar from Lumeta you can be assured that you understand the scale of your network under management. The next stage is the tough job of fixing it. The only problem I have is how to categorise this product…

The award for the coolest demo of the show must go to InfoGuard (www.infoguard.com) who sell appliances that secure your networks up to AES 256 level. Their main message was about the potential insecurity of fibre links and they demonstrated how, using $1000 equipment available on the web, they could tap into an optical fibre link. Many moons ago when I worked in optical laser R+D fibre splicing was a nightmare, and was difficult to accomplish. Now you can break into a fibre link by bending the fibre to encourage a small amount of peripheral light loss which can then be amplified and read as clear as day. This was demonstrated using VoIP – and the clarity of the intercepted signal was amazing.

In all InfoSec 2007 was a really enjoyable event. I will be following up on all of these vendors over the coming year to see how their products and propositions develop. It will be interesting.