Security in the post-Internet era: the needs of the many the needs of the few Terry Gray University of Washington Fall Internet2 Meeting 16 October 2003.

Presentation transcript:


2003: security “annus horribilis”
- Slammer
- Blaster
- Sobig.F
- increasing spyware threat
- attackers discover encryption
- hints of more “advanced” attacks
- and let’s not even talk about spam…

2003: security-related trends
- RIAA subpoenas
- growing wireless use
- VoIP over pilots
- more mobile devices
- more critical application roll-outs
- faster networks
- “personal lambda” networks
- SEC filings on security?
- class action lawsuits?

impact
- end of an era… say farewell to
  - the open Internet
  - autonomous unmanaged PCs
  - full digital convergence?
- say hello to
  - one-size-fits-all (OSFA) solutions
- conflict... everyone wants security and
  - max availability, speed, autonomy, flexibility
  - min hassle, cost
- the needs of the many trump the needs of the few (but at what cost?)

consequences
- more closed nets (bug or feature?)
- more VPNs (bug or feature?)
- more tunneling - “firewall friendly” apps
- more encryption (thanks to RIAA)
- more collateral harm - attack + remedy
- worse MTTR (complexity, broken tools)
- constrained innovation
- cost shifted from “guilty” to “innocent”
- pressure to fix problem at border
- pressure for private nets

revelations
- system administrators (2 kinds…)
  - want total local autonomy… or
  - want someone else to solve the problem
  - often unaware of cost impact on others
- users (2 kinds: happy & unhappy)
  - want “unlisted numbers”
  - need “openness” defined by apps
- feedback loop:
  - closed nets encourage constrained apps
  - constrained apps encourage closed nets

perimeter defense tradeoffs
- border
  - biggest vulnerability zone
  - biggest policy vs. performance concern
- subnet
  - doesn’t match org boundaries
  - worst case for NetOps debugging
  - consider also: sub-subnet LFWs, etc.
- host
  - optimal security perimeter
  - hardest to implement

never say die
- goal: simple core, local policy choice
- how to avoid OSFA closed net future?
  - design net for choice of open or closed
  - pervasive IPsec
- combine with “point response”
- won’t reverse trend to closed nets, but may avoid bad cost shifts
- alternative: only closed nets, policy wars

questions? comments?