Security software and devices should be viewed with the same suspicion as any other component of IT systems, says IT security expert Kenneth van Wyk.
For Kenneth van Wyk, the incident with a zero-day exploit in a popular FireEye appliance was no reason to raise an eyebrow. The reactions that followed, however, were. He does not find it in the least surprising that there are errors in IT security software. “You should not have blind faith in what you allow on your network, and that applies equally to security tools,” he states in an article at Computerworld. Van Wyk knows what he is talking about, with 20 years of experience at CERT/CC at Carnegie Mellon University and the US Department of Defense.
In the case of the FireEye appliance, the vulnerability was in the Apache network service that forms the core of the unit's operation. It contained a vulnerable PHP script that enabled a malicious party to obtain administrator rights on the system. Van Wyk says that this was obviously not a good thing, but that the risk of a security company overlooking something is as great as for a supplier of any other solution. “Safety always has to bow to perfection,” said Van Wyk.
He cites a number of tips that also apply to security:
- Security products are based on software. Errors can and do occur. Have faith, but also verify.
- Security equipment must be subjected to rigorous testing, like any other system attached to the network you are responsible for.
- Reduce the attack surface, for example by making use of dual interfaces: one for management data and one for production data. The production interface should never be used for mission-critical services.
- Security equipment must, like any other software, be regularly provided with the latest software updates. Van Wyk knows from the field that in many cases the firmware is several versions behind.
- Never rely on the security being up to date. Also check whether vendors update their equipment quickly enough.
- Monitor the traffic on security devices just as you do for other network devices. An unexplained increase in traffic on a security device could signal danger.
- Make network monitors as invisible as possible. Preventing outgoing traffic from this equipment does not make it impossible to hack them, but it does make it a lot more difficult.
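
The last two tips can be turned into a simple check. The following is an added example, not taken from the article or from Van Wyk: it flags unexplained traffic increases from a security device against a robust rolling baseline, and any outgoing traffic at all from a monitor that is supposed to be passive. The device names, sample byte counts, window and threshold factor are constructed assumptions.

```python
from statistics import median

# Constructed sample data: bytes SENT per hour by each security device.
SAMPLES = {
    "ids-sensor-1": [0, 0, 0, 0, 0, 0, 0, 0, 512],
    "mail-gw-1": [1000, 1100, 950, 1050, 1020, 980, 1010, 9000, 1000],
}
# Hypothetical inventory: monitors that should never originate traffic.
PASSIVE = {"ids-sensor-1"}


def spike_threshold(history, k=6.0):
    """Median + k * MAD; robust, so one earlier spike does not raise the baseline."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # Floor the MAD at 1 byte so a perfectly flat history still has a margin.
    return med + k * max(mad, 1.0)


def find_anomalies(samples, passive, window=6, k=6.0):
    """Return (device, interval_index, reason) tuples for suspicious intervals."""
    alerts = []
    for device, series in samples.items():
        for i, sent in enumerate(series):
            if device in passive:
                # A passive monitor has no legitimate reason to send anything.
                if sent > 0:
                    alerts.append((device, i, "egress-from-passive-monitor"))
                continue
            if i < window:
                continue  # not enough history for a baseline yet
            if sent > spike_threshold(series[i - window:i], k):
                alerts.append((device, i, "traffic-spike"))
    return alerts


if __name__ == "__main__":
    for device, idx, reason in find_anomalies(SAMPLES, PASSIVE):
        print(f"{device}: interval {idx}: {reason}")
```

In practice the per-interval counters would come from flow records or interface statistics for the appliance's production interface, collected on a system other than the appliance itself.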