Protect and survive: network monitoring tools, rather than traditional security measures of firewalls and IDSs , provide the strongest protection agai

The issue of network security has never been far from the top of the organisational agenda. However, it is pushed to the forefront when high-profile security attacks occur, such as the denial of service attack suffered by the Computer Emergency Response Team (CERT) last year. This made it clear that determined hackers can damage even the experts, and highlighted the fact that service providers and enterprises that depend on internet connections must take more stringent measures to protect themselves.

The notion that companies need to implement a full security policy is of course nothing new -- experts have been espousing the benefits of firewalls and intrusion detection systems (IDS) for years. However, as the CERT attack shows, anyone can get stung.

The CERT co-ordination centre is a hub of knowledge on internet security vulnerabilities and gives advice and training to improve network security. Last year the organisation was knocked offline for two days by a denial of service attack preventing anyone from accessing the CERT website. A spokesperson for CERT explained that connection to the internet had been totally saturated by the attack. The irony here is that the group was most probably targeted for attack in the first place because of its status as a champion for internet security issues.