Well, here it is – my first foray into web2.0! Apparently, blogs are a good way to document and collate your thoughts, so in the spirit of scientific experimentation I’m going to test the theory by documenting and collating my thoughts on “why have I started a blog”?
To understand the “why”, it might help to understand the “who”. By which I mean me, rather than The Who. They rock; I type.
Anyway, in no particular order…
- My name is Alec Waters
- I work for an IT company in Brighton in the UK
- My job title is Infrastructure Manager, which means I’m responsible for pretty much all aspects of IT other than an application written by our development teams
- Part of my job is the provision and management of network infrastructure. “Network” is a term that sometimes has different meanings to different people – when some of my colleagues talk about their “networks”, they’re talking about their domain controllers, active directories, and group policy objects. Not me – when I say “network”, I’m talking about the cabling plant, the switches, routers, firewalls, intrusion detection sensors and other devices that enable the server admins to even have their shiny domain controllers.
- I have a current Cisco CCNP certification
- The lion’s share of my day-to-day work is information security.
And so we come to the point of this blog. Information security is something that I’m greatly enthusiastic about, and I think I’ve got to the point where I’ve amassed enough experience to actually have something hopefully useful to say on the subject.
Information security spans a great many disciplines; my specialist subjects are network security monitoring and network forensics. I believe that the network itself (remembering my specific interpretation of the word “network”) is a great and often untapped source of security information that should be complementary to other, more conventional, defensive measures like anti-virus. I am in part talking about network-specific devices like intrusion detection sensors (IDS), but I’m also talking about going a lot further than this. IDS boxes are extremely valuable and useful devices, but they just don’t go far enough on their own. You can do a lot more, and I hope to be able to get this point across in subsequent posts.
I don’t claim to be a luminary. I don’t claim to be the only person on planet Earth who has ever done any of this. I strongly doubt that I’ll ever come up with something original and groundbreaking. All I want to do is get over the point that listening to your network is a truly worthwhile thing to be doing, and will give you operational visibility that you absolutely cannot have in such fidelity and with such integrity by any other means.
With that said, let battle commence!
Alec Waters is responsible for all things security at Dataline Software, and can be emailed at alec.waters(at)dataline.co.uk