Now this is a question! Security is no longer a single product solution. You cannot just install a firewall and presume that your network is secure. What about internal threats? What about DoS attacks? The most important aspect of network security is the term "defence in depth". You have to look at every aspect of your computer network, starting with a written security policy and identify the risks that exist within the network. There are numerous products that can be mapped to each risk and these have to be implemented synonymously in order to fully protect your network. I also come across a lot of companies with security equipment that is installed and configured very badly. Security is a specialised area that really does require expert assistance in order to configure it to work safely and securely.

What is, in your opinion, the biggest challenge in protecting information at the enterprise level?

The biggest challenge statistically is protecting your internal resources from internal users. People seem to always forget about protecting their systems from internal users. The easiest way to attack a companies electronic resources is to apply for a job within the company and attack them from the inside. More often than not, there is little if NO protection from internal users. It is important to create security zones and only give users access to the information they require.


What are your future plans? Any exciting new projects?

I have just finished the CCIE Practical Studies: Security book for Cisco Press. It is a hands-on based book for the Security CCIE lab exam. I am just starting work on the second edition of "Cisco Secure Virtual Private Networks". This new book is more focussed on the Cisco VPN 3000 range of products and covers them in far greater details than the old book did. I am also studying hard for the Security CCIE.