UnauthorizedModems_16
Protecting Data Networks by Securing Telephone Networks
15
Summary
The danger to computer systems and networks from hackers continues to be a
problem despite the increasing availability of security products such as firewalls.
One reason for this is most security products are point products designed to
prevent access to an internal network or computer system. A recent development
in security tools, one designed to detect and respond to intrusions when they
inevitably occur, are intrusion detection systems. These systems not only
provide the capability to monitor the effectiveness of point products used to
prevent unauthorized access, but also provide a view into the corporate
datastream which allows more efficient use of resources and can actually
provide a return on the security investment. As the effectiveness of security
products has increased, hackers have been forced to find alternate methods to
circumvent the security perimeter the products form. A common point of attack
today is a modem attached to a computer system inside of the security perimeter.
These modems may be authorized or unauthorized but are generally
inadequately protected. Until now the only method to handle the use of modems
was through establishment of policies and an occasional scan to detect lines
attached to modems. The need exists to provide a better solution to provide
the telephone network with the same level of visibility and protection now found
in the TCP/IP environment. What is required are firewalls, scanners, and
intrusion detection systems to patch the holes in computer systems and networks
that modems create. Deploying these devices will also provide a view into the
telephone network that can provide an actual return on the investment in this
arena as well.