Layering security slows networks

William Jackson

Your mother probably told you to dress in layers for protection from the winter cold. It was good advice then, and it still is for those who must protect a network against malicious code.

For instance, the Nimda worm seeks vulnerable Microsoft Internet Information Services installations, infects Web sites and spreads to unprotected browsers.

Blocking worms and viruses calls for what the Defense Department terms defense in depth. There is always a lag between the propagation of malicious new code and the arrival of signature updates from antivirus vendors. Even afterward, you still need to keep an eye on alternate avenues of infection because users inadvertently give viruses so much help.

'We received the ILOVEYOU virus from an employee who opened his Hotmail account,' said Paris Trudeau of Surf Control Inc. of Scotts Valley, Calif.

ILOVEYOU shut down the company's network for half a day, said Trudeau, product manager for the company's SuperScout products. Ironically, SuperScout E-Mail Filter and Web Filter provide some of the protection needed against worms.

Firewalls can block dangerous executable files, backstopping antivirus programs. E-mail filters make policy more flexible, letting some persons or departments send and receive certain file types but blocking them elsewhere. Web filtering can close the HTML door to unwanted code and visitors.

But there is a price for multilayered protection. When you went out to play in the snow as a child, you felt clumsy moving around in so many layers of clothes. Layers have the same effect on networks. A well-protected network runs more slowly.

Keystone Systems Inc. of San Mateo, Calif., which provides Web performance management services, noted Nimda's first effects on Internet performance two days after the spread began to decelerate.

Although backbone networks were not infected, latency on the Keynote Business 40 site performance index grew from an average 2.46 seconds on the morning of Sept. 19 to 3.07 seconds the next day. The delay came from increased antivirus scanning and tightening of firewalls.

Bill Jones, Keystone's senior director of public services, called the effect 'similar to shoveling out after a snowstorm.'

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • security in the cloud (ShutterStock image)

    Cloud security is the agency’s responsibility

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group