Inside Symantec's 'Security Center'

dipfan writes "There's a fascinating view looking at Symantec's Virginia security centre, where the company defends its corporate clients' networks against those wicked hackers. Scary quote from the Washington Post article: 'The Alexandria facility is a private, miniature version of the kind of public Internet-monitoring capability the Bush administration wants the federal government to develop to protect the nation's electronic infrastructure.'"

This is as it should be

[ajs]

Well, if you were trying to stay one step ahead of the people breaking into systems, wouldn't you have a network with a bunch of honeypots and as much logging as you could manage?

This is basic network security practice, no?

Heh...

[Pig+Hogger]

The best croporate security policy starts by not boasting about the security procedures. Not for security by obscurity, but simply not to boast and make oneself a target for crackers.

Re:Heh...

[n3rd]

Then again, the best source of network intrusion data is to boast about the quality of your security and then sit back and log the results :-)

This is just a honeypot network, which if you think about it, is the only reasonable way for them to get the information they need on network intrusion.

Actually, this more than likely won't work too well.

Their company says "We're a security company, come own our network!". What will happen? All the script kiddies will hit it, probably DoS it some and nothing new will be learned.

The people who have new, unreleased or self created exploits and techniques won't hit the network because they know they are being watched. If they did they would in a sense be helping the enemy. If you were a blackhat would you try to own a self-proclaimed honeypot that belongs to a network security company and let them learn your secrets? I wouldn't.

scary - use encryption

This is a strong commentary on why you should use encryption all the time:

If data is transmitted, she can see that, too -- and not only when it is moved by outsiders. Symantec has caught insiders improperly sending pre-merger details and pre-earnings data and has reported those findings to the employees' bosses.

Of course, where I'm employed, it is company policy that you can be terminated on the spot if you use encryption (for example, encrypting your email or files - I wonder if this applies to using a compression algorithm which sort of encrypts it. Or if you compress files and lock them with a password).

Advertising in the Guise of Reporting

[sweatyboatman]

They make it sound very Gibson-esque in there. But it's not clear what these people are actually doing (except raking in millions of dollars). They have fancy displays and lots of data mining, packet sniffing and tracing technology and they're preventing... What? Well, nobody really knows.

Smoke and mirrors. Meanwhile you're being pumped for thousands a month. The price is quoted right in the article. A couple thousand a month seems reasonable. After all those Bulgarian hackers are vicious!

If you're interested in that then let me tell you about my company.

I've started a ghost-busting business. Using specially developed anti-ghost technology I am able to monitor minor disturbances along the walls of your house. From my Central Office of New Ghost Activity Monitoring Equipment I have been detecting thousands of intrusions each day! With the pattented Spectral Tracking Universal Psychic Intrusion Detector, I can see all over the world and into the cosmos to detect super-natural invasions even before they occur.

Ah! Even as we speak a spectral invasion fleet masses in Zaire to invade your kitchen!

SweatyB