Home > Unified Threat Management (UTM) > Defending the Self-Defending Network

Defending the Self-Defending Network

November 3rd, 2006 Leave a comment Go to comments

Firewall_breach_jpg
I recently gave a session presentation at TechTarget’s Information Security Decisions show in Chicago.  The topic of my presentation was "Defending the Self-Defending Network with Virtualized Enterprise UTM."  They’re actually making a roaming seminar series out of it.

Must have been the shirts and iPods I gave away?

What’s the presentation summary?  Simple.  "Embedded" network security as proposed by Cisco is a pipe dream.  In fact, it’s nothing more than the aging appliance model with boxes NOT embedded into the routers and switches at all; they’re just a single vendor’s appliances disguised as "security enablers."

The "Self-Defending Network" is a marketecture.  It’s not feasbile, unreasonable, fiscally mis-aligned to (and unaware of) the value of the assets it protects and the worst example of risk management modeling; protecting everything, everywhere, all the time is stupid.

You ought to protect the things that matter most with the best defense possible, where needed, when needed and at a cost where the risk justifies the cost.  Box sprinkling security is so last Wednesday.

You should build a stable, resilient, fast and reliable network.  Stir in some basic "embedded" or appliancized security functionality as acceptable and then overlay virtualized best-of-breed security as a service layer.  See the post regarding SSOA (Security Service Oriented Architectures) below for the full picture.

On a more theatric note…

The wonderful marketing mavens who dreamed up the theme for my session chose football.  I grew up in New Zealand.  I know Rugby.  Moreover, what I really wanted to do was to build a theme around the sport I love most, Mixed Maritial Arts — a’la Ultimate Fighting Championship (UFC.) 

For some reason they thought that using terms such as "Kimora," "Arm bar," "tap-out by submission," and "rear naked choke" would have some sort of negative impact.  I think it’s the perfect model for a network security presentation…so did about 30 of the guys who came back to the booth to discuss the recent UFC match between Rich Franklin and "Spider" Silva…Mui Thai clinches and about 5 knees to the head…awesome!

At any rate, you’ll appreciate my lame attempts at football analogies then.

Here’s a link to the presentation if you’re interested.

Chris

Categories: Unified Threat Management (UTM) Tags:
  1. Security Incite: Ana
    November 3rd, 2006 at 05:37 | #1
    Reply | Quote

    The Daily Incite – November 3, 2006

    November 3, 2006 – #149 Good Morning: Today Im inspired. People overcome great hardships every day and a lot of other people decide they are going to thrown in the towel and accept the path they are on. Ultimately, those kinds of decisions are

  2. Knuj Lla
    December 17th, 2006 at 20:49 | #2
    Reply | Quote

    The link to your talk on SANS (https://www.sans.org/webcasts/show.php?webcastid=90615) shows up an entirely different slide deck and conversation

  3. Christofer Hoff
    December 19th, 2006 at 10:56 | #3
    Reply | Quote

    I'm not sure I understand what you mean, exactly. The SANS presentation was a webcast that had to be delivered in 15 minutes, the TT presentation was an interactive talk that was an hour in length?
    The messaging is the same and some of the slides are abbreviated for both SANS' format (actual landscape and the fact that they don't support animations.)
    Chris

  1. No trackbacks yet.