THE CORPORATE WORLD is still protecting its networks with core security technology dating from 1995, according to a security pioneer speaking in Barcelona today.
Nothing much has changed with network security since 1995, said Nir Zuk, who is credited with creating stateful inspection technology, the first commercially viable firewall, and the world's first intrustion protection system (IPS).
Zuk said that all web applications are dangerous, even big enterprise ones like WebEx and Microsoft Sharepoint. But currently, security vendors are really only capable of securing web and email traffic rather than crucial applications like Facebook, Skype, LinkedIn and Twitter.
With something like Facebook, security only offers two options, block or not to block, which Zuk said is a big problem, an example of innovation going backwards, not forwards.
Naming Skype as an example, Zuk said, "It is a very dangerous application. Once you allow Skype to go through, there's no control of it. Skype can do file transfers, desktop sharing, funnel other applications.
"Are you going to allow it or block it? Well, good luck if you are trying to block it But all of you want to use Skype - there is no reason to block it."
Businesses tend to allow popular web applications due to employee demand, while applications like LinkedIn are becoming more and more important as a commercial tool. There are also ways around network security by using proxy bypass. And Facebook using SSL encryption is also going to make things difficult.
Zuk proposed that security be extended to all networks, so that web applications security is protected in the same way we protect web and email. Instead of completely controlling Facebook, businesses need to secure it by scanning it for traffic or viruses. No security vendor offers this protection, Zuk said.
Zuk suggested that security companies should adopt next-generation firewall technology, which offers protection focused on the application and the user, rather than the port and protocol. This will allow more traffic to pass, but properly secured.
He also criticised unified threat management, which he said is based on the "same old technology", slows down functionality, and still offers only web and email traffic protection. µ
Tabs to more Ctrl and less Win. Such Fn.
Either that or it's a really intense holiday