Extra Feeds & Services »

Home / Blogs

Is It Time to Supplement Desktop Security Protections?

  • Apr 20, 2009 5:18 AM PST
  • Comments: 0
  • Views: 2,637
Print Comment
By Bruce Van Nice
Bruce Van Nice

Internet users are acutely aware of their exposure on the Internet and clearly concerned about their safety. Increased downloads of scareware as Conficker made headlines in the mainstream media are only the latest evidence. Desktop software is often viewed as a one-stop shop for fighting Internet threats such as viruses, worms and other forms of malware and phishing. These solutions have served us well but more protections are needed to address the dynamic and increasingly sophisticated web based exploits being launched.

In the past few months, there has been a dramatic rise in Internet-based attacks, yet Cyveillance announced in early February that more than half of active malware and phishing threats on the Internet go undetected by browser based offerings, with an average detection rate of 37 percent for malware and 42 percent for phishing. This is only one data point for one kind of protection but offers evidence that it may be time to look at ways to supplement client based protections.

Service providers are in a unique position to deliver network based protections that improve upon existing security measures and offer recognizable value to their subscriber base. These services have the potential to increase attachment of subscribers to providers by demonstrating an active commitment to protecting them. Network-based protections can complement and enhance existing desktop software solutions and improve the current situation in many ways:

  • Move security from reactive to proactive; deterring threats in the network can prevent subscriber devices from getting infected in the first place. Prevention is always better than cure!
  • Blocked threats can trigger notification and display of "teaching" pages, shifting the security experience from passive to interactive. Informed users are less likely to require help desk resources and more likely to adopt additional protective measure while will improve their overall Internet experience and reduce their impact on the provider network.
  • Provide leverage, a single server can protect many tens of thousands of subscribers and deployment can be highly automated
  • Reduce the delay before protections are activated, the instant a new threat is identified the information can be propagated and enabled across the Internet.
  • Take away the advantage attackers gain with "fast flux" whereby they constantly change IP addresses of their servers to evade detection
  • Improve effectiveness by taking advantage of the diversity of data sources that track threats
  • Enable protection for any kind of device, including devices for which client software is not available
  • Become pervasive and normalize the disparate security solutions that exist today by providing consistent protection regardless of the application being used - browsing, mail, instant messaging etc.
  • Offload security processing from subscriber devices, this is especially important for mobile devices where the processor, memory and battery are precious resources
  • Ease what is now a complete burden on subscribers to manage their own security. Activating network based services is simple - with no need to download any software so high adoption rates are probable.

There are many ways in which network based protections could be implemented but leveraging the DNS is a promising alternative. Virtually every Internet transaction starts with a DNS query so it is a perfect place to implement security checks. Every application uses DNS and every Internet aware device supports it too. The DNS has scaled remarkably well and with the right software it is available 100% of the time, and meets performance challenges in the most demanding networks.

The DNS was also designed to accommodate constant updates and with software that is optimized to provide security checks a highly automated, scalable, extremely high performance system can be built. Combined with desktop solutions, this layered approach will greatly improve the user experience on the Internet by protecting subscribers from the bewildering array of threats.

Internet users are concerned about their safety online. Whether or not their fears are well founded is secondary to the fact that they are taking steps to protect themselves, and sometimes these actions actually make the situation worse. Isn't it time to consider supplementing existing protections?

Written by Bruce Van Nice, Director of Product Marketing

Related topics: Cyberattack, Cybercrime, DNS, Malware, Security, Telecom

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

Smart Phishing for Smartphones

  • Feb 05, 2010
  • Comments: 0

Wi-Fi Offload, Not Femtocells

  • Feb 04, 2010
  • Comments: 0

VIPR: New Developments in the VoIP Market

  • Feb 03, 2010
  • Comments: 1

Driver's License for Web Users… Bad Idea

  • Feb 03, 2010
  • Comments: 1

Domain Name Security Gains Prominence in German-Speaking World

  • Feb 02, 2010
  • Comments: 0
View More

Related News

The US House Passes Cybersecurity Bill

  • Feb 04, 2010
  • Comments: 0

Google, NSA Join Forces in the Effort to Build Better Cyberattack Defense System

  • Feb 04, 2010
  • Comments: 0

AFNIC Invites Network Managers to Prepare for the Signing of the DNS Root in May 2010

  • Jan 28, 2010
  • Comments: 0

DNS, Content Providers Including Google and Neustar Propose Extending DNS Protocol

  • Jan 28, 2010
  • Comments: 1

Comcast to Start a Series of Public IPv6 Trials Using 3 Transition Mechanisms

  • Jan 27, 2010
  • Comments: 0
View More

Other Topics

Access Providers Broadband Censorship Cloud Computing Cyberattack Cybercrime Cybersquatting Data Center DNS DNSSEC Domain Names Domain Registries Email Enum ICANN Internet Governance Internet Protocol IP Addressing IPTV IPv6 Law Malware Mobile Multilinguism Net Neutrality P2P Policy & Regulation Privacy Regional Registries Security Spam Telecom Top-Level Domains VoIP Web White Space Whois Wireless
View More



Industry Updates – Sponsored Posts

ICANN and Cybersecurity: Hot Topics at The First Ever .ORG Forum

  • By PIR
  • Views: 479

Neustar Releases UltraDNS Report Center

Neustar Implements DNS Security Extensions in the .US Registry

Neustar Launches Initiative to Enhance DNS With Faster, More Secure Updates

Registry Stakeholder Group Comments on Latest ICANN Policies

  • By PIR
  • Views: 1,395

Open Phishing Season

Nominum Announces "DNSSEC Made Easy" Solutions

.ORG Highlighted for Success in Fighting Phishing

  • By PIR
  • Views: 1,775

Afilias' Matt Pounsett Elected Director-at-Large for DNS-OARC

eComm 2009: Discussions on Restructuring Global Telecoms

.ORG Wins WebAward for Website Redesign and Selected as a Finalist for the NonProfit PR Awards

  • By PIR
  • Views: 1,647

SEO Poisoning: A Persistent Malware Threat Targeting High-Profile Brands

eComm 2009 Signs Skype As Headline Sponsor Of European Conference & Awards Debut Event

NeuStar Expands UltraDNS Network Infrastructure in Europe

Nominum CEO: Commercial vs. Open Source - Let Customers Choose

Ben Scott and Free Press in the Network Age

Supernova Interview: David Isenberg

Wendy Seltzer Interview: How Law Impacts the Network Age

Jon Peha, Chief Technologist, FCC, on the National Broadband Plan

Supernova Interview: JP Rangaswami

View More