Network vs. Endpoint Security: Striking the Right BalanceGartner's Lawrence Orans on Why Network Security Remains Relevant
With so much focus on endpoint security, it's important not to overlook the importance of network-level security controls, says Lawrence Orans, research vice president at Gartner.
Traffic at the network level is still an important place to detect malicious activity, independent of what's happening on the endpoints, he says in an interview with Information Security Media Group (see: The Growing Threat of SSL Traffic).
"Network security is still critically important. You can see certain things only at the network-level ... including traffic patterns that look suspicious," he says. "Endpoint security is complementary to network security. ... You want to focus on detection at the network level, and then at the endpoint, you can also do detection, but very much so, response." (Dee: EDR - Hunting on the Endpoint)
In this audio interview (player link below image), he also speaks about:
- The state of network security and its evolution;
- Striking a balance between endpoint controls and network security;
- Predictions on APTs, sophisticated threats, and the future of network security (see: Using AI to Model Networks and Defeat Ransomware).
Orans is research vice president and an analyst at Gartner. He has over 34 years of industry experience, of which 21 are with Gartner. Orans focuses on network security research. He assists CISOs and their direct reports in developing network-based strategies for mitigating security threats. He is the lead author for Gartner's Secure Web Gateway Magic Quadrant. He also helps clients develop strategies, select solutions and develop incident response plans to help enterprises mitigate the impact of DDoS attacks.