Encryption and Packet Analyzers
In the early days of networking when protocols were being developed by academics and government agencies, there was little thought to security.
This highly collegial and creative community was looking to build something important, and could not imagine how or why anyone would engage in behavior that would be destructive of those goals. The result is the very foundational protocols that make networks vulnerable.
In the actual, harsher and more competitive environment malware was invented, and thus network administrators had a need to better understand what was inside the packets they allowed inside their networks.
That motivation resulted in packet filtering firewallsâ€"packet analyzers in the form of intrusion detection technologies.
All of these early technologies relied on the ability to rip into packets and "see" what was inside of them, as well as the ability to review header information that was attached to those packets. Encryption does not require the same visibility.
Today, the choice is between using encryption or packet filters.
Use the study materials and engage in any additional research needed to fill in knowledge gaps. Discuss the following:
o How do organizations that would like to leverage IPSec and intrusion detection or intrusion prevention technologies marry those two concepts into a solid plan?
o How do organizations ensure that employees do not encrypt organizational data using PGP or other single-use applications?
o What resources do the federal government offer to organizations that would help them develop effective strategies using encryption?