Decoupling Network and Host Security

Summary:This is a simple concept but one that has never been articulated in print or online. Put it like this:Network security should be handled in the network.

This is a simple concept but one that has never been articulated in print or online. Put it like this:

Network security should be handled in the network. Host security should be addressed on the host.

See what I mean by simple? In practice it works like this. Viruses are a host problem, so host based AV is the primary way to counter the virus threat. Worms are a network problem, so the primary way to counter worms is with firewalls and IPS.

Of course, there are ways to address viruses in the network. Offerings from Trend, Fortinet and Reflex are beginning to gain momentum. But for the most part regardless of the “layers�? of defense, the primary defense is on the host.

I have formulated this concept of secure networks and secure hosts in a theory I call Secure Network Fabric. Look to this blog for more on the topic!

Originally published at www.threatchaos.com  

Topics: Security, Networking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.