Endpoint Security
by Mark S. Kadrich
Addison-Wesley 2007.
ISBN 0-32-143695-4. Amazon.com $54.99 Bookpool.com $29.95
Reviewed by Richard Austin June 20, 2007
Security professionals must face the fact that our networks are acquiring new types of endpoints at a frightening pace. They range from PDA's to smartphones to network-attached printers to even network manageable power strips. And, unfortunately, as Kadrich is quick to point out, these devices are all about features and functionality with little attention being focused on securing them before they attach themselves to our networks.
His second chapter, "Why Security Fails," provides an excellent summary of the reasons why security fails ranging from a check-the-box mentality ("if I do this, then I will be secure") to the fact that vendors always position themselves to stop the last threat (rather like the military is often criticized for planning to fight the last war).
Chapter 3 presents his idea of what is missing using the surprising analogy of the flush toilet and its control system. He points out that we need to approach the process of network security as a process control problem by identifying control points (routers, VPN gateways, etc) and establish control processes that integrate signals such as failed logon attempts, IDS alerts, etc and business processes such as user termination, software decommissioning and so on. He defines (yet another) new way of diagramming networks to reflect the control system analogy. While we need a new network diagramming standard like we need another compliance initiative, thinking about the denizens of our network infrastructures from a process control perspective is a source of useful insights.
Chapter 4 (Missing Link Discovered) introduces the proposed components of a solution that predictably includes network access control (NAC), But Kadrich also includes what is often the missing link in NAC decision making: host integrity. The basic concept is that a device must demonstrate a defined level of trustworthiness before it is allowed to join a more trusted part of the network. If the device cannot demonstrate integrity of its operating system, and a valid system configuration (anti-virus, firewall rules, etc), it will not be granted access. Additionally he makes the important point that the device needs to be remotely manageable so that remediation can be performed. For example, if a host is missing a critical patch as required by the integrity/configuration standards, it can be automatically installed as part of the NAC process.
The next two chapters flesh out the underlying components of the NAC process with a discussion of network capabilities and details on how to create a secure baseline for hosts.
In chapter 7 (Threat Vectors), the general ways an endpoint can be attacked are presented to prepare for a more in-depth look at threats and defenses for common software environments (Windows, OS X and Linux) in their own chapters. The chapter on OS X is especially recommended as security discussions of this increasingly popular operating system are rather rare.
Chapter 11 (PDAs and Smartphones) provides a good overview of these very common endpoints and their software (Windows Mobile, Symbian, Palm, Blackberry and Mobile Linux). One could have wished for more detail but that would easily have doubled the size of the book and taken it further afield from its focus on endpoints in general.
Chapter 12 covers the important topic of embedded devices which include things ranging from a network-attached printer to the SCADA systems that run railyards and power plants. Kadrich notes that this is mainly an awareness chapter as there are almost no tools to implement anything approaching a NAC solution for them as yet.
The final chapter is devoted to brief case studies that illustrate the book's concepts and how they should be applied in practice.
In summary, "Endpoint Security" is a good overall look at the problems presented by the proliferating variety of endpoints seeking to attach to our network infrastructures. The presentation is concept-based which can be frustrating when one is seeking specific guidance but it more keeps the book from becoming mired in product details and quickly dated by their changing features. Practicing security professionals would be well advised to read the advice in this book and use it in examining just where the endpoints of their networks lie. If you're like me, you will find a few surprises along the way.
Richard Austin recently retired as the storage network security architect at a Fortune 25 company and currently earns his bread and cheese as an itinerant university instructor and security consultant. He welcomes your thoughts and comments at rda7838@kennesaw.edu