Why parents need to deploy ‘layered defense’ of home networks
Posted on | June 3, 2010 | add a comment
Parents who use Blue Coat’s free K9 website filter to protect their children from straying onto inappropriate sites are to be applauded. But in today’s cyber landscape they also need to go a few steps further. In this LastWatchdog guest blog post, Chris Larsen, Blue Coat’s Senior Software Engineer, explains why.
By Chris Larsen
Many years ago, a group of Blue Coat engineers — most of whom were fathers with young children at home — became concerned about the often blatant pornography that their children might see on the Internet. Blue Coat develops web filtering software that let’s companies and organizations control employee’s access to approved web sites. The engineers convinced management to let them create a web filter for home computers — and to give it away for free.
Over the years, they got a lot of e-mails from grateful parents, which made them smile. They also got a few angry ones from those parents’ teenagers, which made them smile even more. The K9 software also generated some positive publicity for their company, as they’d hoped it would, although most people outside of large corporate IT departments probably still don’t know who Blue Coat is.
K9 continues to do a great job of blocking porn for concerned families, the web filtering world has changed in the last few years, for both the corporate and the home environments. As the web browser has become the primary vector for malware to spread and infect computers, our primary focus has shifted from blocking objectionable content to blocking malicious content.
So today, K9 WebProtection does more than enable parents to restrict the webpages their kids can access. It also delivers protection from malware. K9′s basic anti-malware protection works by warning or preventing a user from pursuing a link (URL) that leads to malware or phishing.
However, it does not provide content scanning as provided with anti-virus software. Therefore, a full desktop antivirus suite needs to be used in conjunction with K9.
Most home computer uses are aware that they should be running antivirus software. If they don’t have children at home, however, and they’ve never seen a need for a webfilter, they may not be aware that K9 can provide a valuable second layer of defense against internet malware that their AV software may not catch.
Conversely, families primarily concerned about pornography may not realize how big a threat internet malware poses, and may not be running AV software. Or, they may know about K9′s anti-malware abilities, and falsely assume that they no longer need an AV package. This is why we talk about the need for layered defenses.
Like Batman and Robin, or the Incredibles, the good guys are more effective when they team up than when they fight alone. Our AV partners have a tough job, since malware is often specifically built and tested to be unrecognizable by their software. But they have an advantage, too: they’re embedded deeply in the computer, and they have a long history of studying malware and how it attacks and behaves. Armed with this knowledge, they can “watch” a new/unknown program in action and often recognize its behavior as malicious, and cut it off before it can do any damage.
These two defenses are highly complementary, and more effective than either would be alone. As a third layer of defense, parents can also try to raise their children’s awareness — and their own! of malware tricks and tactics. Although many attacks are invisible and many search-based attacks are essentially random, others do target specific user behavior, especially on search engines and social networks.
So, this year, as my oldest son was heading off to college with his new netbook, he made sure he had a copy of K9 installed. He knows enough about the bad guys’ tactics to know that he needs the extra layer of protection from web-based malware. And yes, as a father, I hope he also continues to keep the little box checked that blocks pornography, too.
About the author
Chris Larsen is the Malware Research Team Leader at Blue Coat Systems. He is a software engineer with a background in linguistics and machine learning. His focus at Blue Coat is on the vectors used to spread malware on the Web, including everything from social engineering ploys to drive-by downloads. He writes about security here.