1 the 2006 resnet security survey resnet applied research group david futey kevin guidry december...
TRANSCRIPT
1
The 2006 ResNet Security Survey
ResNet Applied Research Group
David FuteyKevin GuidryDecember 15, 2006
2
Introduction Background References ResNet Applied Research Group (RARG) 2006 ResNet Survey development Placing the survey results in context 2006 ResNet Security Survey overview
3
Background Continuing evaluation of security
Security Vulnerability Survey Assess readiness for Fall 2004 94 respondents
2005 ResNet Survey Security component 224 respondents
2006 Security Survey 101 respondents
4
References
RARG research http://www.resnetsymposium.org/workinggroups/research.htm
Get Connected: An Approach to ResNet Services EDUCAUSE Quarterly, No. 4, 2006 http://www.educause.edu/ir/library/pdf/eqm0643.pdf
2005 ResNet Survey Results: A Baseline Analysis EDUCAUSE Center for Applied Research, bulletin Issue 20, 2005 http://www.educause.edu/LibraryDetailPage/666?ID=ERB0520
5
ResNet Applied Research Group
History Formed August 2004 Volunteer group within ResNet organization
Present & Past (*) Members Carol Anderer, University of Delaware *Kevin Bullard, UNC-Greensboro David Futey, ResNet Applied Research Group *Jan Gerenstein, Northern Illinois University Kevin Guidry, Sewanee: University of the South Clifton Pee, Azusa Pacific University Erica Spencer, Baylor University
6
Assistance Question creation and review Pilot survey
Support received from: ResNet Listserv members Security Task Force: Effective Practices Group Internet2/SALSA-NetAuth
2006 Survey Development
7
Survey Results in Context
8
Top “Current” Challenges from 2005 ResNet Survey
0
25
50
75
100
125
150
175
200
225
Secur
ity
Copyr
ight &
P2P
Educa
tion
Bandw
idth
Wire
less
Networ
k Reg
istra
tion
& Aut
hent
icatio
n
Networ
k Equ
ipmen
t & In
frastr
uctu
re
Fundin
g
Staffin
g
Comm
unica
tion
Nonac
adem
ic ne
twor
k us
es
Question 77
9
Top “Future” Challenges from 2005 ResNet Survey
0
25
50
75
100
125
150
175
200
225
Secur
ity
Wire
less
Educa
tion
Bandw
idth
& Net
work S
peed
Networ
k Reg
istra
tion
& Aut
hent
icatio
n
Suppo
rt
Copyr
ight &
P2P
Networ
k Equ
ipmen
t & In
frastr
uctu
re
Autom
ation
Fundin
g & P
ricing
Staffin
g
Outso
urcin
g
Question 78
10
Network Registration Tools 2004 ResNet Vulnerability Survey
85% use a tool to register student computers 2005 ResNet Survey
74% use a tool to register student computers 2006 ResNet Security Survey
83% use a tool to register student computers
11
Student Machine Vulnerability Evaluation 2004 ResNet Vulnerability Survey
69% use a tool to evaluate student's computer 2005 ResNet Survey
71% use a tool to evaluate student computers 2006 ResNet Security Survey
60% use a tool to passively evaluate student computers
42% use a tool to actively evaluate student computers
12
QOS 2005 ResNet Survey
Practicing packetshaping or Quality Of Service (Y=84%)
2006 ResNet Security Survey Practicing packetshaping or Quality Of Service
(Y=86%)
13
Key Points of 2006 ResNet Security Survey
14
Who is responsible for setting and enforcing policies?
Questions 6-7 (2006)
05
101520253035404550556065707580859095
100
Setting
Enforcing
Num
ber
of r
espo
nden
ts
15
How is policy decided? A vast majority of respondents (94%) indicated that their institution blocks, filters, or otherwise restricts network services for security purposes. (Q.8, N=101) (85% in 2005 ResNet Survey)A majority of respondents, (78%) either entirely or in part, base their decision to filter, block, or restrict on published best practices from professional security groups. (Q.14, N=95)Service License Agreements and Internal IT Security Expertise were the other predominate factors, besides the published best practices, that impacted the decision to block, filter, or restrict. (Q.14a)
16
Policy enacted..
In the event of an unexpected security incident, Central IT (50%), Security (25%), and Networking (18%) had authority to request immediate action.(Q.13, N=95) Central IT (52%), Networking (18%), and Security (17%) are primarily responsible for determining what services, ports or protocols are blocked, filtered, or restricted.(Q.12, N=95)
17
What services are blocked?
Sampling from Question 9-11
Questions 9-11 looked at what services were blocked if the traffic was inbound to the ResNet network, outbound from the ResNet network, or remained internal to the ResNet Network. Please review the questions for specifics. Non-established services coming into the ResNet network are blocked (Q.9, 48%, N=90) Services with high percentages of not being blocked include FTP, Instant messaging, IRC, VoIP, IPSec, gaming, and console gaming.SMTP and Windows File and Print Sharing had high percentages of 'Always' being blocked, inbound and outbound
18
Does your institution require protective software be installed and is that software provided by
the institution?
Questions 22 & 23 (2006)
0
10
20
30
40
50
60
70
80
90
100
Anti-Virus
Anti-Spyware/Adware
Num
ber
of r
espo
nden
ts,
N=
101
19
WirelessA majority of respondents, 74%, do not allow students to install personally-owned access points. (Q.31, N=98) (60% in 2005 ResNet Survey)Wireless installations in residences are (Q.32, N=97) :
Not provided (37%) (46% in 2005 ResNet Survey) Part of overall institution wireless network (47%) Separate from institution wireless network (13%)
SSID naming convention and 802.1x were primary security measures used for institutionally managed wirelessNearly (1/5) of respondents provided no security measures
20
Let's Hear From You
Suggestions, questions, and comments can be directed to the RARG at: