Honeypots - hitting the sweet spot
Today, Honeypots are still in their infancy, developed and used primarily by researchers and security enthusiasts. A handful of commercial products are available, and organizations are beginning to deploy open-source honeypots and their more robust iterations, such as Honeyd. But honeypots are not widely deployed.
Yet, the technology is moving ahead rapidly, and, in a year or two, honeypots will be hard to ignore. New developments will advance the lab technology with the catchy name to a full-fledged, enterprise-level security tool.
In particular, look for advances in three areas:
Detection. Honeypots, by definition, see only "bad" traffic. Look for convergence with existing technology to help transform the intrusion detection crapshoot into a good bet.
Honeypot farms. A honeypot here, a honeypot there--not exactly scalable security. But in the near future, clustering will enable organizations to easily and quickly deploy honeypot technology globally.
Dynamic configuration. In the near future, honeypots will be able to "learn" about networks and configure themselves, making them a lot easier to deploy in large numbers.
[ Read more ]