200 likes | 214 Views
Delve into the 2006 ResNet Security Survey findings to uncover trends, challenges, and strategies for network protection. Explore policy enforcement, vulnerability evaluations, QoS practices, and more.
E N D
The 2006 ResNet Security Survey ResNet Applied Research Group David Futey Kevin Guidry December 15, 2006
Introduction • Background • References • ResNet Applied Research Group (RARG) • 2006 ResNet Survey development • Placing the survey results in context • 2006 ResNet Security Survey overview
Background • Continuing evaluation of security • Security Vulnerability Survey • Assess readiness for Fall 2004 • 94 respondents • 2005 ResNet Survey • Security component • 224 respondents • 2006 Security Survey • 101 respondents
References • RARG research • http://www.resnetsymposium.org/workinggroups/research.htm • Get Connected: An Approach to ResNet Services • EDUCAUSE Quarterly, No. 4, 2006 • http://www.educause.edu/ir/library/pdf/eqm0643.pdf • 2005 ResNet Survey Results: A Baseline Analysis • EDUCAUSE Center for Applied Research, bulletin Issue 20, 2005 • http://www.educause.edu/LibraryDetailPage/666?ID=ERB0520
ResNet Applied Research Group • History • Formed August 2004 • Volunteer group within ResNet organization • Present & Past (*) Members • Carol Anderer, University of Delaware • *Kevin Bullard, UNC-Greensboro • David Futey, ResNet Applied Research Group • *Jan Gerenstein, Northern Illinois University • Kevin Guidry, Sewanee: University of the South • Clifton Pee, Azusa Pacific University • Erica Spencer, Baylor University
2006 Survey Development • Assistance • Question creation and review • Pilot survey • Support received from: • ResNet Listserv members • Security Task Force: Effective Practices Group • Internet2/SALSA-NetAuth
Top “Current” Challenges from 2005 ResNet Survey Question 77
Top “Future” Challenges from 2005 ResNet Survey Question 78
Network Registration Tools • 2004 ResNet Vulnerability Survey • 85% use a tool to register student computers • 2005 ResNet Survey • 74% use a tool to register student computers • 2006 ResNet Security Survey • 83% use a tool to register student computers
Student Machine Vulnerability Evaluation • 2004 ResNet Vulnerability Survey • 69% use a tool to evaluate student's computer • 2005 ResNet Survey • 71% use a tool to evaluate student computers • 2006 ResNet Security Survey • 60% use a tool to passively evaluate student computers • 42% use a tool to actively evaluate student computers
QOS • 2005 ResNet Survey • Practicing packetshaping or Quality Of Service (Y=84%) • 2006 ResNet Security Survey • Practicing packetshaping or Quality Of Service (Y=86%)
Who is responsible for setting and enforcing policies? Number of respondents Questions 6-7 (2006)
How is policy decided? • A vast majority of respondents (94%) indicated that their institution blocks, filters, or otherwise restricts network services for security purposes. (Q.8, N=101) (85% in 2005 ResNet Survey) • A majority of respondents, (78%) either entirely or in part, base their decision to filter, block, or restrict on published best practices from professional security groups. (Q.14, N=95) • Service License Agreements and Internal IT Security Expertise were the other predominate factors, besides the published best practices, that impacted the decision to block, filter, or restrict. (Q.14a)
Policy enacted.. • In the event of an unexpected security incident, Central IT (50%), Security (25%), and Networking (18%) had authority to request immediate action.(Q.13, N=95) • Central IT (52%), Networking (18%), and Security (17%) are primarily responsible for determining what services, ports or protocols are blocked, filtered, or restricted.(Q.12, N=95)
What services are blocked?Sampling from Question 9-11 • Questions 9-11 looked at what services were blocked if the traffic was inbound to the ResNet network, outbound from the ResNet network, or remained internal to the ResNet Network. Please review the questions for specifics. • Non-established services coming into the ResNet network are blocked (Q.9, 48%, N=90) • Services with high percentages of not being blocked include FTP, Instant messaging, IRC, VoIP, IPSec, gaming, and console gaming. • SMTP and Windows File and Print Sharing had high percentages of 'Always' being blocked, inbound and outbound
Does your institution require protective software be installed and is that software provided by the institution? Number of respondents, N=101 Questions 22 & 23 (2006)
Wireless • A majority of respondents, 74%, do not allow students to install personally-owned access points. (Q.31, N=98) (60% in 2005 ResNet Survey) • Wireless installations in residences are (Q.32, N=97) : • Not provided (37%) (46% in 2005 ResNet Survey) • Part of overall institution wireless network (47%) • Separate from institution wireless network (13%) • SSID naming convention and 802.1x were primary security measures used for institutionally managed wireless • Nearly (1/5) of respondents provided no security measures
Let's Hear From You Suggestions, questions, and comments can be directed to the RARG at: resnetresearch-l@lists.uncg.edu