9780321436955

Endpoint Security

by
  • ISBN13:

    9780321436955

  • ISBN10:

    0321436954

  • Edition: 1st
  • Format: Paperback
  • Copyright: 2007-03-30
  • Publisher: Addison-Wesley Professional
  • Purchase Benefits
  • Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
List Price: $64.99 Save up to $9.75
  • Buy New
    $55.24
    Add to Cart Free Shipping

    CURRENTLY AVAILABLE, USUALLY SHIPS IN 24-48 HOURS

Supplemental Materials

What is included with this book?

  • The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.
  • The eBook copy of this book is not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Summary

Protect your network from the threats that enter via endpoints like employee laptops, PDAs, and other end-user devices.

Author Biography

Mark Kadrich is President and CEO of The Security Consortium.

Table of Contents

Defining endpointsp. 1
Why security fallsp. 19
Something is missingp. 39
Missing link discoveredp. 67
Endpoints and network integrationp. 81
Trustworthy beginningsp. 105
Threat vectorsp. 125
Microsoft Windowsp. 137
Apple OS Xp. 177
Linuxp. 211
PDAs and smartphonesp. 253
Embedded devicesp. 285
Case studies of endpoint security failuresp. 305
Table of Contents provided by Blackwell. All Rights Reserved.

Excerpts

Preface Preface"That was some of the best flying I've seen to date -right up to the part where you got killed."Jester to Maverick in the Movie Top Gun IntroductionI suppose that's the thing that bothers me the most: the fact that we think that we're doing great right up to the moment that the network melts down. Over the years we've seen the number of security tools deployed on our networks increase to the point where we are completely surprised when our computing environments are devastated by some new worm. But how can this happen you ask? How can we be spending so much money to increase our security and still be feeling the pain of the worm de jour? And not just feeling this pain once or twice a year,we're feeling itall the time.To begin to answer this question, all one has to do is pop 'vulnerability' into Google and sit back and wait. My wait took a mere .18 seconds and returned over 69 million hits. Adding the word 'hacker' added an additional .42 seconds but did have the benefit of reducing the pool of hits to a tad over 4.2 million. Over 4 million pieces of information in less then half a second and for free! Now that's value.So, getting back to our problem and looking at the results pretty much sums up our present situation. We're buried under all sorts of vulnerabilities and we're constantly struggling to get on top of the things. The problem of patching vulnerabilities is so big that an entire industry has sprung up just to address the problem. The problem of analyzing and generating patches is so big that Microsoft changed its release policy from an "as needed" to a "patch Tuesdays".What are they really trying to address with the patches? One may think that it's about protecting the endpoint. What we're going to call endpoint security. This is a big topic of discussion. If we go back to Google and type in 'endpoint security' we get a little over 2.5 million hits. We can reduce that stratospheric result by typing in the word 'solution'. Now we're down to a much more manageable 1,480,000 hits.So what's the point? The point is that there are a lot of folks talking about the problem but they're doing it from the perspective of a vendor customer relationship: a relationship that is predicated on them selling you something, a solution, and you paying them for it. The shear motive of profit motivates vendors to produce products that they can sell. Marketing departments are geared toward understanding what people need and how to shape their product in a way that convinces you that they can fill your need. How many times have you gone back to visit a vendor web page only to be surprised that they now address your problem? Look at how many vendors moved from PKI (Public Key Infrastructure) to SSI (Single Sign On) and finally to IM (Identity Management). Why? Because nobody was buying PKI because of the enormous expense so the marketing departments decided to switch names or "repurpose" their product. Now it was about "leveraging their synergies" with the multiple sets of user credentials and promises of vastly simplified user experiences. When that tanked the marketing people invented IM. Yep, that's what I said, they invented IM so they could once again distance themselves from a failed marking ploy and get more people to give them more money. Profit.Ask any CEO what his or her mission is and if they don't reply, "to maximize shareholder value" I'll show you a CEO soon to be looking for a new job. It's all about making sales numbers and generating profit. The more

Rewards Program

Write a Review