Fire-Proofing Your Network With UTM,
Part 4: Delivering UTM as a managed service Lisa Phifer
[December 31, 2007] We conclude our series on Unified Threat Management with a look at how ISPs can leverage UTM to defend themselves more effectively and earn more revenue.

Fire-Proofing Your Network With UTM,
Part 3: Layering on anti-X defenses Lisa Phifer
[December 31, 2007] We continue our Unified Threat Management series with a guided tour of network-based virus, spyware, spam, and web defenses, demonstrating how they responded to threats during our tests.

Fire-Proofing Your Network With UTM,
Part 2: Deploying a UTM appliance Lisa Phifer
[December 28, 2007] In part 2 of our Unified Threat Management series, we illustrate SMB UTM deployment by taking the IBM ISS Proventia MX1004 network multi-function security appliance for spin.

Fire-Proofing Your Network With UTM,
Part 1: Battling new security threats Lisa Phifer
[December 27, 2007] Today, it takes more than a firewall to defend a network against downloaders, trojans, worms, phishing attacks, and bandwidth-hogging spam. In this series, we examine an increasingly popular alternative: Unified Threat Management.

2006 MSSP Survey, Part 6:
Managed Anti-Spam and Content Filtering Lisa Phifer
[December 22, 2006] ISP-Planet's biennial survey of MSSPs finds that, when it comes to spam and web content filtering, service featurs and packaging are so varied that consumers must examine their own business needs to carefully to match them to increasingly-available offerings.

2006 MSSP Survey, Part 5:
Managed Anti-Virus and Anti-Spyware Lisa Phifer
[December 22, 2006] ISP-Planet's biennial survey of MSSPs finds network anti-virus being combined with anti-spyware and anti-spam functions to offer more proactive, multi-layered malware defenses, accompanied by increasingly sophisticated provider threat monitoring and reporting.

2006 MSSP Survey, Part 4:
Managed Virtual Private Networks Lisa Phifer
[December 21, 2006] ISP-Planet's biennial survey of MSSPs finds that virtual private network offerings are becoming increasingly sophisticated as they are used to differentiate a provider's service—and as the VPN market continues to grow rapidly.

2006 MSSP Survey, Part 3:
Managed Intrusion Detection and Prevention Services Lisa Phifer
[December 21, 2006] ISP-Planet's biennial survey of MSSPs finds that intrusion prevention and detection services are augmented by new devices to deliver unified threat management in several different forms.

2006 MSSP Survey, Part 2: Managed Firewall Services Lisa Phifer
[December 20, 2006] ISP-Planet's biennial survey of MSSPs finds a even more features than ever—but make sure you understand what's included and what's extra when you compare services.

ISP-Planet Survey: Managed Security Service Providers Lisa Phifer
[December 20, 2006] ISP-Planet's biennial survey of MSSPs finds that as industry consolidation continues apace, service providers are offering more as administrators face new demands. But admins must understand that their job doesn't end when they start working with an MSSP.

Security and Moore's Law: Whitfield Diffie's Thoughts Alex Goldman
[November 10, 2005] Ever faster CPUs make life difficult for a variety of industries—ISPs, for example, operate in a market suffering constant deflation—but, as the inventor of public key cryptography noted, Moore's Law is particularly challenging to security vendors.

Beyond Passwords: Implementing The Vision Lisa Phifer
[April 5, 2005] In part two of this series, we present the pros and cons of your five options: digital certificates, one-time passwords, hardware tokens, smart cards, and biometrics.

Beyond Passwords: Stronger Authentication Lisa Phifer
[April 4, 2005] When passwords are no longer sufficient, enterprises have plenty of options to improve security.

MSSP Survey Part 4: Managed Anti-Virus, Anti-Spam, and Web Filtering Services Lisa Phifer
[January 18, 2005] This year's MSSP survey finds more providers offering broader, deeper managed services to defeat viruses and spam.

MSSP Survey Part 3: Managed Virtual Private Networking Services Lisa Phifer
[January 11, 2005] Our MSSP survey finds marked growth in SSL VPN services and stronger security methods.

MSSP Survey Part 2: Managed Firewall and Intrusion Detection Services Lisa Phifer
[December 28, 2004] Our 2004 MSSP survey finds Managed Intrusion Prevention services elbowing out pure-play Managed Firewall and IDS offerings.

Managed Security Service Provider Survey (December 2004) Lisa Phifer
[December 21, 2004] This multipart survey shows what options are available to you when you choose to outsource a portion of the security function.

Survey of Managed Security Service Providers:
Other Services, and Our Conclusion Lisa Phifer
[June 6, 2003] ISP-Planet's biennial survey of MSSPs finds that service providers are further differentiating their offerings with some unique extras—some of which are free—and a wider variety of options.

Survey of Managed Security Service Providers:
Managed IDS, AV, and Filtering Lisa Phifer
[May 30, 2003] ISP-Planet's biennial survey of MSSPs finds that the Application Service Provider (ASP) model is increasingly popular in the delivery of managed services.

Survey of Managed Security Service Providers: Managed VPN Lisa Phifer
[May 23, 2003] ISP-Planet's biennial survey of MSSPs finds that VPN offerings are becoming more popular and include more features than ever before.

Survey of Managed Security Service Providers:
Managed Firewall Lisa Phifer
[May 16, 2003] ISP-Planet's biennial survey of MSSPs find that as industry consolidation continues apace, service providers are offering a greater variety of services beyond managed firewalls.

ISP-Planet Survey: Managed Security Service Providers Lisa Phifer
[May 9, 2003] ISP-Planet's biennial survey of MSSPs find that as industry consolidation continues apace, service providers are offering a greater variety of services beyond managed firewalls.

Honeypots: Tracking Hackers Alex Goldman
[March 14, 2003] Honeypots are systems that are designed to log hacker activity. The book Honeypots: Tracking Hackers is a hands on book that tells you how to set up honeypots on your network.

The Honeynet Alliance Alex Goldman
[March 14, 2003] If you want to get involved in a worldwide project that is setting up systems to track hacker activity, consider these words of wisdom before you dive into the project.

Know Your Enemy Alex Goldman
[January 27, 2003] The Honeynet Project set out to learn more about blackhat hackers. The book Know Your Enemy describes what the project did, what it learned, and what it hopes to achieve in the future.

Anti-Virus Protection for $300 a Year Alex Goldman
[November 27, 2002] With paltry pricing that's tough to beat, RAE Internet is making waves selling its anti-virus solution developed in Bucharest, Romania.

Apache Flaws Being Exploited Ryan Naraine
[November 15, 2002] Several security holes in the Apache source are being actively exploited on the Internet; IT managers should upgrade to version 1.3.27 or 2.0.43 or higher.

Serious BIND Server Flaws Detected Ryan Naraine
[November 13, 2002] Exploitation of the vulnerabilities could lead to more DoS attacks against vulnerable NS servers. Flaws in BIND 4 and 8 could compromise security if not upgraded.

Worm Gives Linux a Slap in the Face Michael Chait
[September 17, 2002] Slapper worm takes off, infecting systems in over 100 countries over the weekend, spreading over Linux machines using a flaw that was discovered in August.

E-Mail List Questions Highlight Web Security Woes Chris Saunders
[September 16, 2002] A number of e-mail newsletter publishers are complaining that someone is spamming their proprietary e-mail lists—raising the question of how secure any data really can be.

Blocking Attached Viruses Best of ISP-Lists
[September 4, 2002] Members of the ISP-Linux list say that with Linux, it's easy to block viruses whose attachments are meant to cause harm to Windows users.

A Spamming Trojan Best of ISP-Lists
[August 21, 2002] Members of the ISP-Tech list discuss spam filters and anti-virus programs. Whatever you do, trojans will continue to hit unsuspecting users through the back door.

Innoculate Your Network: AVStripper
When Viruses Happen (Part II) Lisa Phifer
[August 16, 2002] Last week, we put AVStripper to the test with a trial run though installation and setup. This week, we wrap up our lab work and give you the bottom line on our overall experience with AVStripper.

Innoculate Your Network: AVStripper Lisa Phifer
[August 9, 2002] Reliable networking requires backup. The Noah Principle—have at least two of everything—is a proven approach. So why expect your desktop anti-virus scanner to go it alone?

Protecting a Public Computer Best of ISP-Lists
[July 26, 2002] Members of the ISP-Tech list discuss how to protect public computers such as kiosks and café computers—and share some pranks made possible by poor security.

ISPs Rave About Vircom's Anti-Spam Capabilities Alex Goldman
[July 19, 2002] ISPs small and large are rallying behind Vircom's suite of VOP products in a customer-based coalition that shows just how well the IETF's filtering language works.

Scrubbing Servers with PestPatrol Lisa Phifer
[June 14, 2002] Viruses have become so common that few ISPs or enterprises would consider turning up a public server without protection. Unfortunately, virulent e-mail is not the only type of pest to worry about.

What Do You Want to Patch Today? Ryan Naraine
[June 14, 2002] Microsoft issued a slew of advisories, spelling out bugs in the Remote Access Service (RAS) phonebook implementation that puts users of Windows NT 4.0, Windows 2000, and Windows XP at risk.

The Plague Upon Us Lisa Phifer
[May 17, 2002] AntiVirus protection has become an IT staple. It's bundled almost everywhere. AV scanners have become so ubiquitous that one must wonder ... Do we really need to run them everywhere?

Stopping Spyware Best of ISP-Lists
[March 26, 2002] Members of the ISP-Tech list find that secret ad servers and other unwanted guests inhabit most computers, but at least these ISP professionals know how to track them down and eliminate them.

A Refresher on Data Backup Software Clint Boulton
[March 12, 2002] The IT industry may not be doing well, but the security sector thrives. We provide an overview of the companies in this sector and preview the latest product, VERITAS NetBackup 4.5.

Battening Down SNMP Lisa Phifer
[February 15, 2002] Everyone knows that SNMP has a security hole, but little concrete advice has been profferred. Take a walk through your network with us at your side, battening down all those loose SNMP hatches.

The Diameter of Security Best of ISP-Lists
[February 8, 2002] Members of the ISP-Security list debate the minimum requirements for designing a secure network. This is a controversial topic (but everyone knows that the diameter is twice the RADIUS).

Better Than WEP Lisa Phifer
[February 1, 2002] Will concern over the inherent vulnerability of wireless and inadequate security measures erode consumer confidence in wireless LANs? Not if the WECA and the IEEE can stop it.

2001

Reducing Network Security Risk Recourse Technologies
[December 24, 2001] How do you know you're under attack? The answer is intrusion detection systems (IDS).

Gauging Potential Disaster Impact Elizabeth Ferrarini
[December 19, 2001] This article provides a checklist of concerns any ISP will need to consider when building a disaster recovery plan. Business Impact Analysis (BIA) software can ease planning and implemenation.

Fighting Router DoS Jim Freund
[November 8, 2001] The latest form of Denial of Service (DoS) attacks targets routers. ISPs need to protect these vital infrastructure elements with tools ranging from common sense to the latest software.

Managed Firewall and Content Filtering Wayne Kawamoto
[November 5, 2001] Ashley Laurent's BroadWay Managed Firewall and Content Filtering software is designed to offer an integrated management platform and security solution to ISPs.

Biometric Subscriber Authorization Software Wayne Kawamoto
[November 1, 2001] BioconX's biometric security solution protects systems and applications by authenticating workers and may now be leased through the company's network of VARs.

Encryption: An Overview Gerald Williams
[October 2, 2001] This article provides an overview of the various types of encryption that are available for your ISP's data. Click on any glossary item for more information from the ISP Glossary.

Physical Security Augments Logical Security Drew Bird
[September 25, 2001] Many administrators devote a great deal of time to the software side of security while ignoring the fact that simple architectural tricks also play an important role in any basic security scheme.

Simple Assumptions Provide False Security Drew Bird and Amy Newman
[September 14, 2001] Whether you're purchasing a shrink-wrapped security solution off the shelf or have built a data protection plan that relies on machines in the twin towers, simple assumptions can lead you astray.

Sniffing Out Packet Sniffers Brien Posey
[July 20, 2001] Pernicious people with packet sniffers are out there searching for vulnerabilities in your network. We detail several possible signs of intrusion, teach the old "bait-and-sniff" routine, and sign off with a useful link.

IBM's Wi-Fi Security Tool Clint Boulton
[July 13, 2001] IBM Research said it created a prototype of a tool that can monitor 802.11 wireless Internet networks—and it's based on Linux. Gartner expects the new corporate wireless security market to grow rapidly.

Managed Security Service Providers Lisa Phifer
[July 11, 2001] Consider this a starting point for any ISP thinking about purchasing or providing Managed Security Services. Packed with details, remember that only you can determine which security service suits your ISP.

Cisco Warns About Hacker Hole Michael Singer
[July 2, 2001] If you are running any device running Cisco IOS software release 11.3 and later, your system could be vulnerable to hacker attacks. Learn about what you can do today to thwart intruders.

Wireless Privacy: An Oxymoron? Lisa Phifer
[April 26, 2001] ISPs deploying 802.11b for public broadband or fixed wireless Internet access should consider the risks associated with this emerging technology before network security is compromised.

Slipping IPsec Past NAT Lisa Phifer
[April 19, 2001] NAT and NAPT are techniques used to share and hide private IP addresses on edge devices like routers and firewalls. But, when an IPsec session runs through NAT or NAPT, security is often broken.

DNS BIND Security Goes Incognito ISP-Planet Staff
[April 9, 2001] Incognito Software takes the BIND out of DNS management with debut its DNS Commander 3.1 targeting 90 percent of DNS servers running vulnerable BIND software.

The Snow White Virus Best of ISP-Lists
[January 24, 2001] Members of the ISP-Tech list discuss blocking the Snow White virus. Veteran haters of viruses and spam share their ideas about what does and does not work, and share links to further information.
Controlling Internal Abuse Keith Palmgren
[January 12, 2001] Internal threats are significantly more dangerous than external threats. Do you know your risks and possible solutions?

2000

The IPsec Remote Access Conundrum Part 1: Extended Authentication Lisa Phifer
[November 30, 2000] Can ISPs offer the security of IPsec-based remote access VPNs without the expense of massive Public Key authentication systems? There's no fully standardized solution, but there are ways. . .
.What To Look For In A Managed Security Provider Lisa Phifer
[November 13, 2000] A look at Managed Security Services from the customer's point of view may help you decide what to buy and what to sell.
Detecting Promiscuity on Your LAN Best of ISP-Lists
[November 10, 2000] Members of the ISP-Security list discuss finding and thwarting packet sniffers on your Local Area Network (LAN).
Offer Managed Security & Anti-Virus Services  Lisa Phifer
[September 7, 2000]  Network Associates' security-ASP subsidiary MyCIO.com is looking for a few good ISPs and hosting providers to resell security services. It'll handle everything down to and including customer service.

Helping ISPs Become Managed Security Providers Lisa Phifer
[July 25, 2000] Providing secure business Internet service requires far more than adding a firewall to your customer's network. ISPs can enter the Managed Security Service market without growing in-house security expertise by joining a reseller program like this one from DefendNet Solutions.

Stopping the ILOVEYOU Virus at the Server Best of the ISP-Lists
[May 5, 2000] Members of the ISP-Tech list discuss how they are protecting customers from the rampant ILOVEYOU virus.

Best-of-Breed Platform for Managed Security Services  Lisa Phifer  
[February 10, 2000]  Through its SAFEsuite and ePatrol product lines ISS wants to make it easy for ISPs to get into the security business—a business that' slated to grow to $20 billion over the next decade.

1999

Managed Security Services: A Primer  Lisa Phifer & David Piscitello
[December 9, 1999]  You've heard the term, but what's this market all about? Are any of MSS's many aspects a business opportunity you might persue? Here's an in-depth look.