Symantec, Trend, others show that hackers are getter smarte

1
Network Security Tough Love

• David Strom
• Sonicwall Sales Meeting
• 1/24/08 (new)

2
Security industry trends

• Exploits aplenty
• Vista is no cure-all, quite the contrary
• NAC going nowhere
• Managed services bonanza

3
Exploits aplenty

• Symantec, Trend, others show that hackers are
  getter smarter and more sophisticated
• The browser is still a security sinkhole
• IM and p2p vectors gaining prominence
• Lots of zero-day attacks and bot nets

4
It is so easy to secure XP NOT!

• -install latest patches, and enable Windows
  Update
• -disable file and print sharing, disable DCOM
• -turn off several Windows services
• -use autoruns and msconfig to disable more stuff
• -disable extension hiding and file sharing in
  Explorer
• -secure IE, then install and use Firefox
  noscript plugin
• -install a firewall
• -install antivirus, antispyware, and Security
  Task Manager
• -install a new hosts file to block ads and
  malicious sites
• -create and always use an unprivileged account
• -if my kids will be using the computer, then use
  Microsoft's Software Restriction Policies
• (from SANS Internet Storm Center diary 10/17/07)

5
Vista is no panacea

• First off, few IT shops are buying
• Built-in firewall still comes up lacking
• SANS comments arent thrilling
• Graphics resources required are immense
• Why are we still dealing with driver issues
  nearly one year post-launch?

6
NAC is nowhere

• Cisco, Microsoft both losers
• Agents everywhere and no one wants anything to do
  with them
• One hacked laptop can still ruin an entire
  network
• Major vendors are still on 1st generation tools,
  just barely

7
The bonanza of managed services

• Hyper-specialization for different kinds of MSPs
• Every small city now has its own MSP
• Outsourced everything data centers,
  applications, backup, servers, even virtual PBXs
• Get away from break/fix and box pushing
• Two words recurring revenue!

8
Old saying

• To keep your children totally safe don't let
  them out at all
• To keep your systems safe, don't do any business
  at all
• Now, lets talk the real world and assess and
  manage our networks

9
Parental tough love

• When to say no
• Let your kids make their own mistakes
• Facing consequences
• Blended families have special issues

10
When to say no

• How to block the wrong kinds of traffic (exploits
  and viruses)
• How to block evil things like p2p and IM
• When your clients are using the wrong gear
• When yes really means no

11
Learning from ones mistakes

• Understanding IDS and firewall logs
• Know when to outsource your security
• Know when Cisco and Juniper dont have the right
  solutions for your clients

12
One VARs product mix

• Juniper for VPNs
• Avaya for VOIP
• Extreme for routers and switches
• Why isnt Sonicwall in this mix?

13
Facing consequences

• Under-powered firewalls
• Under-funded IT support
• Virtualization can open up security loopholes

14
Blended family issues

• MA doesnt always work out
• Cisco is still on a buying binge
• Aventail now part of our family (but a distant
  cousin still)
• Even HP is buying security companies!

15
More blended families the user perspective

• Merged IT systems means a lot of finger-pointing
• Which alpha male dominates when it comes to
  security systems?
• The user just wants to get his work done!

16
So how does this translate?

• Learn how to listen to your customers
• Treat them as adults even when they act as kids
• Dont assume that security by obscurity will keep
  working for you

17
My potential Sonicwall threats

• Linksys will finally take hold of business
  markets
• Symantec will figure out how to sell security
  hardware
• Microsoft will release a secure version of
  Windows
• Juniper will integrate Netscreen and Neoteris and
  become the NAC champion