Network Evolution

Building the infrastructure for the changing face of IT


Context aids fight against network security threats

Today's network security threats demand a context-based approach, but without a good grasp of security basics, context won't do you much good.

Do you have a favorite type of doughnut?

I love a simple glazed doughnut just out of the fryer. Time it just right, and the sugary coating melts on your tongue like butter.

I'll admit it: I'm easily distracted when it comes to food. But I think you'll understand why this edition of Network Evolution has me daydreaming about doughnuts (as if I'd need an excuse).

When I started working on our cover story about context-aware network security ("Taken out of context: No shortcuts to secure networks"), one of the first people I reached out to was Michele Chubirka. You probably know her as "Mrs. Y." She's an incredibly savvy security engineer with a finely tuned B.S. detector. In other words, she was the perfect person to talk to for this story.

Context-aware security is a pretty cool approach to securing the network -- at least compared to the old methods of simply blocking ports and protocols. Attacks now target individual users and prey on their behaviors -- from booby-trapped Facebook posts to highly targeted spear phishing campaigns. So it makes sense that the best defense against them is a network that dynamically adapts its policies based on who each of those users is and what they normally do.

But the thing about context-aware security, I learned, is that it's not for rookies. It's what comes after you have invested the time and resources in building exhaustive data and user classification models.

That's where the doughnut comes in.

"If you're going to do context-aware security … those are the sprinkles on the doughnut. If you don't have a doughnut, why are you looking at the sprinkles?" Chubirka said. Sprinkles, known to our friends across the pond as "hundreds and thousands," represent context-aware security in the sense that both are enticing and exciting, but they can't come first. Context-aware security supplements your existing network security strategy, rather than replacing it. It's not unlike needing a house but getting sold pretty shutters, Chubirka continued, but the doughnut example sticks with me because, as I explained above, I have a one-track mind when it comes to food.

So while contextual awareness won't be your first step, it should certainly be your goal. Paul Carugati, who heads up the cyberdefense program at Motorola Solutions and has thwarted several attacks with a context-based approach, told me that "you absolutely need to have some contextual awareness within your security program."

Also in this edition, TechTarget's Rivka Gewirtz Little uncovers cases of hybrid software-defined networking (SDN) being used in the wild ("Hybrid SDN: The gateway drug"), where two engineers describe how they're using a blend of traditional networking and SDN technologies. Additionally, TechTarget's Shamus McGillicuddy talks to network engineers who are learning programming languages to make network management less tedious and to prepare for all the amazing things programmable networks will be able to do ("Python won't bite: Network engineers shouldn't fear code"). And don't miss this issue's edition of "The Subnet," where we catch up with a senior network engineer at American Public Media, the second-largest public radio broadcaster in the United States ("When downtime equals dead air").

This was last published in August 2014
