Businesses today are under intense pressure to open up their networks, comply with increasingly rigorous regulatory requirements, AND ensure their IT assets are protected from attacks. This white paper explores these security challenges and explains how host-based Intrusion Prevention Systems play a critical role in an organization's overall security strategy.
Intelligent Defense for Enterprise Assets The Need for Host Intrusion Prevention At the same time that organizations are providing deeper access to their networks for employees, partners and customers enabling flexible work environments and more efficient business relationships - organizations are faced with an increasingly hostile threat environment as well as rising complexity associated with corporate and regulatory compliance. This whitepaper looks at the security challenges faced by organizations and explains how Host Intrusion Prevention (HIP) plays a critical role in an organization's overall security strategy.
TABLE OF CONTENTS EXECUTIVE SUMMARY ................................................................................................ 2
ENTERPRISES ARE UNDER SIEGE............................................................................. 3
THE CHANGING THREAT ENVIRONMENT............................................................................ 3 INCREASING RISKS.......................................................................................................... 4 THE REGULATORY IMPERATIVE ........................................................................................ 5 SECURITY FORECAST: WORSE TO COME .......................................................................... 5
COMMON SECURITY APPROACHES ARE NECESSARY BUT NOT SUFFICIENT.... 6
THE PERIMETER IS POROUS ............................................................................................ 6 PATCHING ALONE IS NOT THE ANSWER.............................................................................. 8 ECONOMICS OF THE SHRINKING PERIMETER ..................................................................... 8
TODAY'S SECURITY BEST PRACTICES ..................................................................... 9
A DEFENSE-IN-DEPTH STRATEGY IS IMPERATIVE............................................................... 9 HOST INTRUSION PREVENTION IS YOUR BEST, LAST LINE OF DEFENSE............................... 9 BATTLEGROUND: WHERE DOES HIP MAKE SENSE .......................................................... 10
PROTECTING YOUR ORGANIZATION: THE NEED TO ACT NOW........................... 10
ABOUT THIRD BRIGADE ............................................................................................ 11
Executive Summary
Internet-based attacks against enterprise networks are unrelenting, more sophisticated and, because today's attackers are motivated by profit, more dangerous to the data and systems those networks hold. Compounding the heightened threat environment, regulatory pressures associated with information security have also increased dramatically. In the new regulatory environment, information security executives must succeed in the battle against these attacks and demonstrate continuous improvement in their defenses. Compliance is not an end state but a process, subject to continuous monitoring, verification, and improvement. Defense-in-depth is the only viable strategy for data and system protection, but the environment is constantly evolving. Regulators demand the timely deployment of effective solutions. Because malicious code can now evade conventional defenses and penetrate deep into networks, today's security best practices are redefining the perimeter and incorporating host intrusion prevention (HIP) as the last line of defense in comprehensiv... [download for more]
