RSS Alerts

Share

More services

Related Links

Related Stories

  • ISF’s Howard Schmidt becomes US cybersecurity czar
    Howard Schmidt, president and CEO of the Information Security Forum (ISF) was appointed White House Cybersecurity Coordinator just before the Holidays.
  • What Is Critical to Your Infrastructure?
    Critical infrastructure means many things to many people. Adrian Davis, principal research analyst with the Information Security Forum (ISF), explains why determining which infrastructure elements are critical to a business is the first step in keeping them safe
  • IT security budgets are expected to increase this year
    More than half of organizations expect to increase their information security spending in 2012, some by 8% of more, according to a survey by the Enterprise Strategy Group (ESG).
  • RSA: Life After Breach
    With the RSA security breach still fresh in the minds of information security practitioners across the world, you’d be forgiven for assuming that the heyday for token-based ID is long gone. Stephen Pritchard investigates the advantages and disadvantages of token-based ID and finds out why, for now at least, it’s here to stay
  • Cyber attacks grow more severe, frequent, say IT practitioners
    The full 73% of IT practitioners said that cyber attacks have become more severe over the past 12 months, and 43% said that attacks have become more frequent, according to a survey by the Ponemon Institute.

Top 5 Stories

News

ISF publishes guidance on converged networks

03 June 2010

The Information Security Forum has identified potential security vulnerabilities that can occur from the synthesis of multiple networks onto a single internet protocol (IP). In response, the non-profit has issued a report on network convergence security for its membership.

According to the ISF, network convergence of voice, data, video, and other service networks is becoming more widespread in an effort to reduce costs and increase flexibility. The practice, however, can leave organizations vulnerable to security threats arising from improper planning and novel, unknown threats.

The ISF, which includes more than 300 private and public sector bodies among its membership, conducted research on the risks vs. rewards of network convergence and has identified four key points to help increase security:

  1. Protect core network services and infrastructure from malicious attack, accidental mis-configuration and equipment failure.
  2. Authenticate and authorize users, devices and services to manage and restrict access to the converged network.
  3. Create and implement a protection framework for end-point devices that can no longer rely on the network for protection.
  4. Protect and manage services on the converged network using technologies such as encryption and virtual LANs.

“By integrating separate networks onto a common IP infrastructure, organizations are able to reduce duplication, make greater use of resources, simplify management and quickly introduce new services,” said Gary Wood, author of the ISF research. “While the business case for convergence is compelling, information security professionals are faced with protecting merged networks that may consist of thousands of different devices and services based on a protocol that has little inherent security functionality,” he added.

“Convergence is shifting protection towards the devices, services and data itself, with the network providing little more than guaranteed availability”, Wood continued. “While IPv6 does go some way to address these challenges, it is still not widely implemented in many organizations largely due to its complexity and incompatibility issues. Converged networks clearly offer considerable benefits but securing them requires a planned joint approach from network operations and IT departments to facilities and senior management and business users.”

The complete report is available online for ISF members.

This article is featured in:
Internet and Network Security • Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012