All the latest UK technology news, reviews and analysis
|
|
|
20 May 2011
The security industry is relying on outdated technology for network protection, and is missing huge security holes, according to one of the inventors of the modern firewall.
Nir Zuk was one of the key developers behind modern firewalls in the early 1990s. He helped develop the first modern enterprise firewalls with Check Point, before moving onto intrusion prevention devices and further research into building more intelligent security products.
A serial entrepreneur, Zuk's companies have been bought out by some of the biggest names in the industry, but his latest company, Palo Alto Networks, is looking to reinvent the firewall as a truly intelligent device capable of fast scanning of application-specific traffic.
V3.co.uk caught up with Zuk at the opening of Palo Alto Networks' new headquarters in Santa Clara, and quizzed him on where the security industry is heading.
Firewalls were in their infancy in the 1990s. What was the starting point?
The main idea behind the firewall at Check Point was that there needs to be a compromise between security and connectivity. There is always a fight between the two: the more security, the less connectivity.
The goal at Check Point was to bring up the level of security while maintaining the level of connectivity, compared to packet filters. The only other technology back then was proxy servers, which severely limited connectivity but offered pretty good security.
At Check Point we found the right balance between connectivity and security, which is why the company was successful and the copycats came along.
What more do you think you can bring to the field now?
Today's network security infrastructure - not just the firewall but the entire network security infrastructure - is all using technology that was designed 15 years ago when the internet was just web and email. They are unable to provide the same level of security for modern applications.
Take Facebook. You can leave it open or shut it down, but for many organisations Facebook is becoming almost as important as email, and even more so with WebX and SharePoint. With all of these applications you have two options: shut them down or accept them without checking the data.
You need to maintain the same level of security with applications as you do with web and email.
Latest stories from Security
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
My client, a large local government organisation are...
Web Developer - ASP.NET/SQL Server/Ajax/ecommerce- up...
My client (a large blue chip with offices near Chester...
Position: EMEA & HQ IT Controller Reference...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
There are client solutions
We've been experimenting with a new operating system from a group in upstate New York called "KNOS." It's a complete client desktop based on BSD which is similar to what the Chinese have developed in their "Kylin" operating system and we've been quite impressed with it so far. We've thrown every type of malware and exploit from Windows to OSX to Linux at it and it comes through with flying colours. The editors might want to check their "KNOS Project" site for more about this.
Posted by: Frank Kellig 25 May 2011
slow death?
interesting article but also sounds like a lot of FUD from the vendor quoted as well
Posted by: anon 20 May 2011