Lately, it seems that computers have been sicker than a preschool class in the dead of winter. Like the cold and flu viruses that pass quickly among children, email viruses have been running rampant. You'd think that we'd learn to apply some of the preventive measures that we follow during the flu season, but enough people continue to infect their coworkers’ computers to cause massive problems. Fortunately, such behavior creates career-advancement opportunities for those of us in IT.
The seemingly endless flood of attacks on our computers has caught the attention of the highest levels of management. Companies that considered security training a luxury 2 years ago are now giving it the highest priority, and organizations that in the past would never pay a consultant to analyze network security are paying vast sums for initial consultations and ongoing reviews. We now have the management support we need to make a concerted effort to plug the holes and correct the behaviors that have let the black hats run wild on the Internet.
On the front lines of the effort are network administrators; not far behind are the application developers who write programs that use services from multiple servers. Unfortunately, according to the SANS Institute, only 1 in 20 IT professionals has the skills necessary to secure systems properly—which means that many of us need to improve our security skills if we're going to protect our companies. And because we really don't have the time to learn proper security techniques through trial and error, we'll have to rely on training. Fortunately, Microsoft, Cisco, and the SANS Institute, among others, have designed courseware and training to suit this need.
Microsoft, for example, offers instructor-led Microsoft Official Curriculum (MOC) Course 2150: Designing a Secure Microsoft Windows 2000 Network, which covers every facet of securing Win2K, from the desktop to the Internet. As is typically the case with high-level Microsoft training, the instructor's background and experience will largely determine what you get from the course. Generally, though, the course is a good way to see the complete picture of Win2K security and each of the Microsoft tools and services that implement it.
Because of the new high profile of security concerns, I anticipate that security administrators will be in demand, so I've been strongly recommending Exam 70-220: Designing Security for a Microsoft Windows 2000 Network to my students as their core design requirement for the MCSE. Given how much time network administrators spend on security these days, Exam 70-220 should probably be a requirement for all Win2K MCSEs.
Also, because most large networks include at least some Cisco equipment, it makes sense to consider the Cisco Security Specialist certification in addition to the Cisco Certified Network Associate (CCNA) certification. Designed to test your knowledge of Cisco’s security products (e.g., the software that Cisco has built into its routers or its PIX firewall devices), the tests require that you invest a significant amount of time in preparation. They also require a significant investment in hardware for training (nothing Cisco sells is cheap). Therefore, the best option is to train at a Cisco-certified training center. (Online training might be preferable for this certification because it lets students learn at their own pace with access to expensive equipment for the practice labs.) If your company has Cisco equipment or is planning to buy a Cisco PIX firewall in response to recent attacks, the time and effort should yield rewards when you become the hero who saved the network.
For a broader-based approach to security, check out the SANS Institute’s security offerings. The SANS Institute's training and certifications cover everything from securing Microsoft IIS to setting up effective scanning for email viruses, and its certification process is much more thorough than either Microsoft’s or Cisco’s. Given the attention to detail and the controls that the SANS Institute has put in place, the Internet Security Officer certification might become the new premium certification for IT professionals.
Amid the chaos that has resulted from the rash of Internet-borne viral infections and parasitic infestations, remember that you can apply some of the same techniques that keep you healthy in the winter to keep your computers healthy all year long: Stay in touch with other professionals so that you'll have an early warning about impending epidemics; learn the symptoms of common attacks; isolate systems to minimize infections; don’t open files from people you don’t know; inoculate your Internet servers against known threats; use administrator accounts sparingly; and filter all traffic before it can get into your network. The combination of common sense, security-specific training, and good security practices should help you weather any epidemics that come your way.
