|
|
|
|
IMS Adoption vs. NGN Application Growth: Where's the Revenue?
|
|
Anyone might be asking: "Why do applications need to be enabled by the network in the first place?" Well, even for "simple" voice applications there is a myriad of complex interactions between various gateways, the client devices (phones), billing systems, user-specific parameters stored in configuration databases (i.e., their phone number(s), voice mail servers, related application configuration data) that the network must know in order for the user to access the network and send and receive calls. The most important aspect of the service-enabling layer for the operator when offering any service is that the usage must be billable. Nearly every intelligent network application has similar requirements. A key insight related to IMS is that the logical service-enabling functions that have been built for GSM mobile networks over the years can be generalized, especially in light of several simultaneous, disruptive mega-trends.
|
|
|
|
|
Applying Service Assurance and Negative Testing to Prevent Costly
Downtime
|
|
In order to deliver a service that is highly available and reliable, organizations need to evaluate IP-based solutions across the widest possible range of adverse conditions, such as occur when receiving unexpected input from a new implementation of a complex protocol or when under active attack. Product vendors and their customers need to ensure that any product within the IP ecosystem can handle a "perfect storm" of unexpected traffic using test cases comprised of invalid inputs more severe than anything likely to be encountered in real world deployments. New approaches to "negative testing" are being developed to ensure products withstand such adverse conditions.
|
|
|
|
|
Sobering Realities of Enforcing NAC: Top 5 Challenges that Solutions Need to Address
|
|
Is Network Access Control living up to the hype? Despite the general acceptance that something is needed to secure mobile and unmanaged endpoints connecting to the network, NAC pre-connect solutions face a number of challenges. Here is a look.
|
|
|
|
|
Combating the Evolution of Insider Attacks with Persistent LAN Security
|
|
In just a few years, attack patterns have evolved from shotgun approaches like mass-mailer viruses to sophisticated, targeted attacks. The new pattern in these attacks is abundantly clear: financial gain. And the culprits are increasingly the organization's"insiders"—the employees, contractors and business partners working inside the network's perimeter protections. This article examines the concept of persistant LAN security.
|
|
|
|
|
The Virtualization of Security
|
|
By now, we all agree that virtualization is the next great enabling technology for data center consolidation. Within the network security domain, one can identify several virtualization techniques that provide not only immediate economic benefits but also flexible threat mitigation capabilities. These techniques revolve around virtualized policy, network and application services
|
|
|
|
|
Unsecured Mobile Devices: Is Your Organization at Risk?
|
|
Network Chemistry has published a Wireless Threat Index report based on data gathered from one million connections made by enterprise users in offices, on the road, and in homes from May 2006 to November 2006. Here's an assessment of the serious security risk posed by mobile devices.
|
|
|
|
|
The Security Applications Network: A Modern Army for Defending against Tomorrow's Threats
|
|
If you pay attention to the mass media, you could be forgiven for thinking that today's greatest security threat is the transportation of liquids on airplanes -- after all, the dangers of dihydrogen monoxide are well documented. However, the threat landscape facing today's corporate network infrastructure is far more worthy of our attention -- a clear and present danger that is difficult to detect, and very difficult to defend against. Here is a look at why a security ecosystem is a good idea.
|
|
|
|
|
Securing Your Unified Messaging (UM) Infrastructure
|
|
Once voice mail is coupled with email in a unified messaging (UM) environment the voice mail system is now subject to the same list of attack vectors that the internet-based email system is subject to. These attack vectors can result in unpredictable performance. The role of UM infrastructure is evolving quickly.
|
|
|
|
|
Security Auditing: Using a Security Analyzer to Conduct Comprehensive Audits
|
|
Every network has at least some vulnerabilities exposing it to possible exploit or attack. These vulnerabilities—both known and previously unknown—often exist in the most unlikely of places, such as the firewalls, intrusion protection systems and other perimeter defenses ostensibly protecting the network. A new tool—the security analyzer—helps make security audits easier than ever to conduct. And the best security analyzers yield far better results than previously available with vulnerability assessment tools or penetration testing techniques.
|
|
|
|
|
Is 802.1X the Right Choice for LAN Security?
|
Known best for port-based authentication to secure access to wireless LANs, the LAN Port Access Control framework defined by the IEEE 802.1X standard is now gaining new exposure as a user authentication mechanism for certain network admission control (NAC) products. But users considering 802.1X authentication should look more closely at both its tactical and strategic implications to ensure it's the right choice for their broader LAN security needs.
NAC solutions that rely on 802.1X for user authentication present network and security administrators with difficult choices: upgrade all your legacy switches or do without NAC and user-based access controls. If those choices don't create enough issues, implementing 802.1X for LAN also requires configuration of desktop software, a tedious, error-prone, and time-consuming process.
|
|
|
|
|
Advanced Unified Threat Management for the Enterprise
|
While the concept of"defense-in-depth" is not new to the enterprise, the days of implementing layers of security on a piecemeal basis are numbered. Not only can organizations ill-afford to maintain security expertise across so many disciplines -- anti-virus, intrusion prevention, anti-spam, and firewalls among them -- but the implementation and management overhead to sustain this legacy approach is prohibitive and full of security compromises.
The industry has already moved through three distinct generations of security: software-only approaches, endpoint software on PC-based hardware, and network-based layer 3 -- 4 security appliances. And despite these increasingly sophisticated approaches, the results have been mixed at best. Successful hacker attacks continue on the rise; enterprises are still highly vulnerable to content-based security risks; and many organizations spend as much of their IT/security resources managing disparate devices as they do remediating security breaches.
|
|
|
|
|
Protecting IPTV Infrastructure from Security Risks
|
Delivering video content over IP creates efficiencies and new revenue opportunities not feasible with current television services, but moving to IPTV also opens up these video services to the same threats that face all other IP-based services. Denial of service attacks, spoofing, and theft of services are among the possible threats that can affect the reliability, quality, and customer satisfaction of IPTV services. Any security breach can have an immediate and significant impact on both service providers' revenues and subscribers' loyalty.
This article will outline the security challenges associated with IPTV services, and will discuss the techniques necessary to effectively protect these services.
|
|
|
|
|
Are Hackers Eyeing your VoIP Network?
|
|
Delivering SIP-based services on the public network brings with it several potential security issues. These issues must be understood by both users and service providers, however the burden is with the service provider to offer a secure and reliable service to the user. For example, imagine that a denial of service attack targeted an IP address, bombarding the network with SIP messages until it breaks down under the volume of information.
|
|
|
|
|
Accelerating Security Solutions
|
|
The volume of data that needs to be processed by security applications is increasing exponentially due to the ever-increasing complexity of network traffic and the bandwidth of network connections. Additionally, due to the growing number and sophistication of attacks, network security applications are growing both in their complexity and also in their processing demands. However, these two factors are inherently conflicting since increased complexity results in additional processing demands. As such, security applications such as Antivirus, Antispam, Antispyware and Intrusion Detection and Prevention, have quickly become the major bottleneck in today's network environments.
|
