This is a simple concept but one that has never been articulated in print or online. Put it like this:
Network security should be handled in the network. Host security should be addressed on the host.
See what I mean by simple? In practice it works like this. Viruses are a host problem, so host based AV is the primary way to counter the virus threat. Worms are a network problem, so the primary way to counter worms is with firewalls and IPS.
Of course, there are ways to address viruses in the network. Offerings from Trend, Fortinet and Reflex are beginning to gain momentum. But for the most part regardless of the “layers�? of defense, the primary defense is on the host.
I have formulated this concept of secure networks and secure hosts in a theory I call Secure Network Fabric. Look to this blog for more on the topic!
Originally published at www.threatchaos.com