Network intrusion prevention: An allegory

Rich Loeber

I live in the Adirondack Mountains in northern New York. When most people think about New York, they don't think much farther than New York City, but New York contains some beautiful and very wild locales and we live in the heart of one -- my home is located on a large lake in the area.

One of the key features of our place is a sandy beach. A few days after we moved in, we got up in the morning to find a small flock of Canada Geese on the lawn and thought what beautiful birds these were. After a few days of this, and a walk down to the beach area, our opinion of these geese headed downhill fast. We were under an intrusion attack and needed to do something about it to protect our beach from the mess that the geese were creating.

Our first attempts at intrusion protection were simple; we just ran outside waving our arms and chased the geese off the beach. They swam out on the lake a little way and then waited until we got tired and headed back inside. Within minutes, they were back. I then got the bright idea of leaving a "presence" on the beach to ward the birds off. I planted a broom on the beach and the geese did not return.... until the next day.

Not every intrusion situation is going to be the same. We have neighbors two houses away who never have a problem with geese, but frequently have bears getting into their trash.

A friend told us that Canada Geese are afraid of owls. I search the Internet and found an inexpensive owl statue. Our owl arrived a week later and with much excited anticipation, I put it up on the beach. The next day, the geese were back huddled right around the owl.

Then, quite by accident, we found a solution that worked quite well -- a lawn sprinkler. The geese did not like it and stayed away. After using the sprinkler for a few weeks, some of the geese found that they could avoid the sprinkler. But, the sprinkler technology was clearly one that worked. The only problem with it was it required direct intervention to repel an intrusion. When we traveled away from home, we would come back and find the beach a mess. If we just left the sprinkler on all the time, the yard would get soaked and we ended up with some beach erosion. A better solution was still needed.

This year, I found a supplier who makes a motion-sensor activated sprinkler! As soon as I saw these on the Web, I bought two of them! Two weeks ago, after some early intrusions by the returning Canada Goose population, I deployed the motion-activated sprinklers. Since then, we have not seen a single goose on our lawn.

So, what does this have to do with computer intrusion protection?

Lessons learned from this exercise in our yard show me the importance of first knowing what is going on in your network. If you don't keep track, you'll never know what's going on in your yard. You could be getting attacked on a regular basis and never know it. Second, you need to find the solution that is right for you. Not every intrusion situation is going to be the same (we have neighbors two houses away who never have a problem with geese, but frequently have bears getting into their trash). Listen to recommendations from friends and associates, but do your research. In my situation, I have left the owl statue in place as a constant reminder that some solutions are just dumb. Lastly, once you have a solution, fine tune it. Don't be satisfied until you know that the solution is always working and achieving your objectives. Keep up to date on developments in technology that you might use for your situation. Stay current. If you have a software solution, keep it current as your vendor releases updates.

If you are vigilant, you will be rewarded with a clean network. In my case, I am finally looking forward to having a nice clean yard and beach area this summer. About the author:
Rich Loeber is president of Kisco Information Systems Inc. in Saranac Lake, N.Y. The company is a provider of various security products for the iSeries market. He is also a frequent contributor of technical tips about iSeries 400 security on our sister site, Search400.com. Email Rich at rich@kisco.com.

Rate this Tip To rate tips, you must be a member of SearchNetworking.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Security Shifting defenses and dynamic perimeters challenge network security Compliance in a virtualized world: Server virtualization and NAC security Securing the new network architecture: Security for distributed, dynamic networks How to configure Windows Server 2008 advanced firewall MMC snap-in Security across network boundaries with Secure Mobile Architecture USB storage devices: Two ways to stop the threat to network security Network security: Using unified threat management (UTM) Network security: Empower users without endangering IT Network analysis -- Enhancing security assessments VPN security: Hiding in plain sight, using network encryption RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.