- How to make new stuff from your piles of obsolete tech
- Why your computer sucks
- 10 recession-proof IT skills
- Juniper execs share network vision
- 9-year-old plots his fifth Microsoft certification
Ted Schlein has been in the thick of the IT security industry for more than 20 years. He started off building Symantec’s original antivirus software and went on to run all the enterprise product lines there. For the past 10-plus years, he has been investing in security companies for venture capital firm Kleiner Perkins Caufield & Byers, where his first investment was in ISS (now part of IBM). One place Schlein has been putting his money of late is into companies that secure networks at the client. He spoke this week with Online Executive News Editor Bob Brown.
Why the focus on client-side security?
The “aha” to me was about five years ago when we were doing all this network-based security prevention -- [intrusion-detection systems], antivirus gateways, etc. -- and the number of threats just kept going up, the number of exploits that were successful kept going up, and the number of dollars lost kept going up. To me that’s complete failure.
The report card I give the security world over the last 20 years is that it has done some things to slow things down but has really not prevented anything. It really got me thinking about what would I do and why. It’s no secret that networks are more porous, people come in and out of networks all the time, it’s very different than when we did the original antivirus stuff or even with the first IDSes or even when Check Point got started and you built the wall around your kingdom, which you can’t do anymore.
So the weakest points end up being the end points, and you have to start securing the actual assets themselves. Trying to block the roads won’t ever work. My focus really shifted about five years ago to: “How do we protect the actual assets?”
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (10)
Network based solutions can't do everything, but the same is true for clientsBy domwilde on June 15, 2007, 4:12 pmBut, who's watching the watchers? Re: Why network-based security doesn't cut it anymore. Interesting points here, but if you put the security solution in userland...
Reply | Read entire comment
What about server security?By Anonymous on June 15, 2007, 5:25 pmIts one thing to try to secure huge populations of endpoints (across depts) from all kinds of attacks (including uneducated users adding new risks), but what stands...
Reply | Read entire comment
The network-based security issueBy Henry L. Tillman on June 15, 2007, 9:51 pmThe present state of Network security from the Firewall to the Server to the Client is dismal to say the very least. The author is definitely correct in his...
Reply | Read entire comment
either/or or both?By Anonymous on June 16, 2007, 6:56 amEver heard of defense in depth? Cisco has their IDS/IPS for network basked security and the ASA/Pix devices for perimeter security. They also have their "Cisco...
Reply | Read entire comment
Technology - is the wrong way to do securityBy Brad Reese on June 18, 2007, 8:12 amTrying to address everything with Technology, Technology, and more Technology - is the wrong way to do security. Never forget about People and Process, as well...
Reply | Read entire comment
Client side security?By Schratboy on June 18, 2007, 10:27 amWhat a revelation: clients are where the problems are? Every user represents a multi-pronged threat whether inside or outside the network. Administrators have too...
Reply | Read entire comment
View all comments