You are here

Smart Network Security vs. Dumb Pipe Vulnerability; Open Internet's Growing Security Problem -- Part X

"Network Based Security Is In Our Future" is an outstanding must-read analysis by Tom Tovar, CEO of Nominum.

Please read his full piece, its brief. Let me highlight some excellent points he made:

  • Edge-only security is not practical:
    • "Another important lesson that can be learned from recent experience is that it simply isn’t fair or realistic to expect that Internet users take complete responsibility for securing their Internet access." ...
  • Edge-users can't keep up with the constancy of the threat:
    • "Security threats have become not only more numerous, more diverse, and more sophisticated, and this is not going to change. Security software that requires users to constantly accept updates (separately for each kind of threat), or worse go online to download the latest updates, isn’t much of a solution." ...
  • Network-based security could be more effective:
    • "Threats to the desktop are delivered over the network —so why not use the network to fight them? Service providers are extremely well positioned to offer network based security protections and by doing so they demonstrate their commitment to providing a safe and secure Internet experience for their subscribers. They can also better address the increasing sophistication, scale, and constantly changing nature of today’s threats. ..." 
  • From reactive to proactive protections:
    • "But a more important benefit is that network based protections can move security from reactive, where desktop software is activated after a user becomes infected, to proactive, where the user never gets infected in the first place..."

Mr. Tovar's logic is sound, "network based security is in our future."

  • A utopian open Internet vision unwisely assumes that every individual user has to be on their own to protect themselves from growing Internet threats.
    • Vint Cerf, co-father of the Internet, explained this scary reality in an interview in the Guardian:
      • "It's every man for himself," "In the end, it seems every machine has to defend itself. The internet was designed that way."

Technology has come a long way since the Internet was originally co-designed by Mr. Cerf over thirty years ago.

  • It's quite remarkable that in the 21st century many continue to argue for:
    • Codifying 1970's technology design limitations;
    • Dumb pipes over smart pipes,
    • Edge-only innovation over smart network innovation and innovation everywhere, and 
    • Forced openness in the face of the open Internet's growing security problem. 
  • It is also amazing that the FCC still does not have Internet security issues on its radar screen.

See previous parts of "The Open Internet's Growing Security Problem" series:  I, II, III, IV, V, VI, VII & VIII, and IX to learn more about the seriousness and pervasiveness of the Internet's security and safety problems.