Emerging Solutions

New initiatives from leading network and security vendors hold the promise of easing the VPN outbreak burden in the future. Cisco's Network Access Control (NAC) is one such initiative. Essentially NAC will inform a Cisco router or VPN about the current state of the mobile user's security. Information such as patch levels and anti-virus signature updates are then used by the VPNs to determine whether or not this person is safe to enter your network. If they are not safe the device directs the user to an internal web page where they can download the latest patches or virus signatures. Other vendors are promising to deliver a similar set of functionality. These solutions should greatly help security teams control the number of outbreaks occurring through the VPN.

Summary


VPNs will likely continue to be the weakest link in an organization's security infrastructure for some time to come. Implementing these recommended actions should help security teams minimize, and hopefully someday eliminate, the impact from outbreaks entering through the VPN. Although these methods will help to better defend your enterprise, they are by no means a substitute for an effective, comprehensive Threat Management strategy. Such a strategy must include prevention, discovery, assessment, detection, response and early warning. Implementing this strategy will provide a security team with the best chance of efficiently protecting your enterprise from existing and emerging threats.



Steven Drew is Chief Operating Officer of LURHQ Corporation, a trusted provider of Managed Security Services. Founded in 1996, LURHQ protects the critical information assets of more than 400 customers by offering integrated Threat Management services. LURHQ's 24X7 Threat Management capabilities enable customers to enhance their security posture while reducing the costs of managing their security environments.