Can reputation services be applied to network security?

Ask the Expert

Can reputation services be applied to network security?

Reputation services can be used as an antispam strategy, but can reputation services be applied to the security of the network? If so, what's the most practical way to get started?

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

As you know, administrators can use a "reputation score" to block potentially malicious traffic from entering their network. The ratings are determined by a third-party vendor.

To use this technology, you can purchase a subscription from a content provider (such as ReturnPath's SenderScore or Trend Micro's Email Reputation Services) and integrate it with your existing email environment.

The system will then reject mail that doesn't match the normal sending patterns for a domain. For example, if Company X normally sends mail from the 12.7.8.x network, reputation services would reject a message purporting to be from Company X but arriving from the 122.45.x.x subnet.

I'm not aware of any products that allow you to apply reputation services to network traffic, but they're in the works. Cisco recently acquired IronPort, a reputation services provider, and announced plans to integrate its technology into Cisco's Self-Defending Networks architecture. The company expects to release products beginning in 2008.

More information:

  • See how reputation systems are gaining credibility in the fight against spam
  • Achieve network security with tomorrow's antivirus tools.
  • This was first published in September 2007