| INDEX |
| >>
|
Up Front
Welcome
|
| >>
|
Faculty
Viewpoint
Marcus Ranum |
| >> |
Data
Point
HIDS vs. NIDS |
| >> |
Forum
Recap
Mid-Atlantic Forum,
March 2004
|
| >> |
Partner
Program News
Launch nears |
| |
 |
|
EVENTS
|
|
Southeast Forum
May 19-20, 2004
Midwest Forum
July 14-15, 2004
New England Forum September 8-9, 2004
New York Forum
November 16-17, 2004
Lone Star Forum
January 2005
Mid-Atlantic Forum
March 2005
|
| REGISTER NOW |
|
|
Was this newsletter helpful? Send your comments
to ask@ianetsec.com
|
|
|
|
| SUBSCRIPTION
CENTER |
| The
staff of Institute Insights seeks to keep Forum friends
and alumni informed about events, insights and other
news.
Register a friend: Keep your colleagues in the
loop. Sign
them up today.
Unsubscribe: If this newsletter has
reached you in error or you are no longer interested
in network security, you may unsubscribe at any time
by directing an email to
unsubscribe@ianetsec.com.
Please specify if you wish to discontinue your Insights
subscription or all Institute mailings.
|
|
|
|
|
Welcome to the inaugural issue
of Institute Insights. Four times a year the
Institute will
present the most useful insights distilled from
our regional Network Security Forums. We
hope
you
find it
helpful.
This issue's Data Point shows just
how large and important the installed base of
IDS is among
our
members,
and in our Faculty Viewpoint, Marcus Ranum outlines
the relationship between IDS tuning and the power
of Security Information Management (SIM). The
emergence of SIM is a trend
we’ve been watching closely over past 18
months. Forum members are increasingly interested
in SIM products -- and well they should be.
Their security infrastructures, weighted with
many more disparate sensors than originally envisioned,
produce unmanageable amounts of data. SIM
offers aggregation and correlation, bringing
the critical
product feature IDS/firewall developers never
baked into their products: intelligence.
As the sensor suppliers focused their efforts
elsewhere, this new breed of entrants moved in
and started helping
IT security professionals pull meaning out of
their data. That is an important
advance, and one that may deserve consideration
in your environment. -- The
Institute
|
|
 |
| FACULTY
VIEWPOINT: Marcus J. Ranum |
| IDS Tuning: At the front
or back end? The case for a SIM |
|
| IDS
tuning: Is there anything more frustrating?
I've talked to IDS practitioners who have been horrified
to discover that they are still tuning their IDS
a year after they initially deployed it. Problems
with IDS tuning have sparked considerable controversy,
even going as far as Gartner Group's declaration
that IDS is a dead-end technology because of the
false positives and noise they produce. So what's
a technologist to do? Read
more>> |
Marcus Ranum (right) speaking with forum participant.
| Marcus
J. Ranum is a member of the Institute
faculty. A well-known security technology
visionary and
scientist,
he can be reached at mranum@ianetsec.com. |
|
|
|
| DATA POINT |
| Forum Community Goes Heavy
on IDS |
|
 |
More
than 4 in 5 Forum members have an IDS deployed, and nearly 2 in 5 have both network- and host-based
systems in place, according to Institute data collected
from 230 Forum members in 2003. A third use network-based
IDS and just 5% use host-based IDS alone. Of the
20% without an IDS system, 4 in 5 plan to deploy
one. |
|
Would you like to participate in future surveys?
If so, send an email to newsletter editor Anne
McCrory at amccrory@ianetsec.com
with your email address. Suggestions for future
poll questions are also welcome.
|
|
|
| FORUM
RECAP |
Mid-Atlantic Forum Debuts
New Curriculum,
Hosts Largest Group Ever |
|
| The Mid-Atlantic Network Security
Forum on March 3-4 at the Grand Hyatt Washington
D.C. hosted 126
participants, including many alumni,
for the debut of the Institute’s 2004 curriculum.
In addition to a keynote by federal cyberczar Amit
Yoran, the Forum featured a record
14 user briefings. Topics included
patch management strategies, wireless security deployments,
and experiences with perimeter security. The
Institute's next Forum is May 19-20 in
Atlanta. |
|
|
| PARTNER
PROGRAM NEWS |
| Institute nears launch of
Partner Program |
|
| The Institute
is
pleased to announce the launch of the Institute
Partner Program at the Southeast Network Security
Forum on May 19. The Partner
Program will combine entry to Institute Forums
with regional dinners, live audio user
briefings and a full complement of written summaries
of all
events.
The Partner
Program
is open to all organizations and will be available
on an annual subscription basis. To learn
more, please contact Phil Gardner at 617.399.8100. |
|
|
