A Zen Approach to Security
Marcel Santilli
Post by Vikash Abraham, Product Marketing Manager for IBM Security Solutions
What Zen, Ancient Wisdom and Infrastructure Security Have in Common
Ancient wisdom continues to amaze me, and this struck me: Isn’t there a strong correlation between ancient philosophies and infrastructure security? This blog post does not look at measuring the superiority of any one school of thought, but explores possible learnings that can be implemented in a security environment.
From a philosophical perspective, for simplicity, let’s consider two parts of spiritual practices: one that looks at external activities, and the other at internal introspection.
Recognizing patterns from external activities
The looking-outward practice focuses on external deeds that should be restricted or practiced, categorizing them as ‘bad’ or ‘good’ for your spiritual journey. For example: giving in to anger and greed are categorized as bad, while patience and generosity are categorized as good. What is bad has been recognized through previous experiences, as it could lead to attacking a human weakness that could hinder enlightenment. Now let’s draw a parallel with security. The bad activity can be an ‘exploit’, which can attack a system and lead to it being compromised. Over a period of time, security experts have recognized patterns of typical exploits and are able to identify the exploit by its characteristics, hence preventing it from compromising IT infrastructure. This is the ‘signature based’ approach to protecting IT infrastructure.
Awareness of self to help secure vulnerabilities
Zen propagates the need for self-awareness. This deep internal understanding of the true self is considered the first step to awakening. From a security perspective, we look at our existing IT infrastructure to be totally aware of its vulnerabilities. Once we understand a vulnerability, we shield it, so the exploit’s form is not of prime importance. We are not patterning the external attack; rather, our total awareness of self is helping us secure our own vulnerabilities. This synchronizes with IBM’s approach to infrastructure security. IBM’s network, host and virtual intrusion prevention solutions use a technology called virtual patching to shield vulnerabilities within the infrastructure, so known or unknown attacks trying to exploit these vulnerabilities are stopped and the system is secure.
Zen suggests multiple tools to achieve self-awareness: examples include Zazen (just sitting), Koan (short stories) and Kinhin (walking meditation). IBM’s X-Force team uses its research and various information sources as tools to create the largest database of vulnerabilities present in general IT environments. The knowledge of vulnerabilities is then transferred as virtual patches to the individual IPS agents that sit at the client’s datacenters, creating a protection shield.
Having a mirror that reflects gaps
However, like individuals, each IT environment is different, with its own customized applications and products, which again opens up a new world of vulnerabilities. Zen emphasizes the importance of having a master, whose role is to be a mirror that reflects gaps that can hinder his pupil’s awakening. IBM provides this through tight integration between its IPS solutions and Application Scanning product. The AppScan product carries out both dynamic and static testing of various applications in the client environment, identifies vulnerabilities and feeds them back to the IPS solutions. Virtual patches can then be created for these vulnerabilities, completely securing the entire IT infrastructure.
In addition to the above approach, IBM NIPS can also import Snort signatures, leveraging the signature-based approach to identify exploits. Truly the best of all wisdom brought together to achieve a totally secure IT infrastructure.