5.5. Mobile NAC and the Malware Threat

There is no question that viruses, worms, and other malware are huge concerns for enterprises. The nature of the malware threat, however, has changed. It used to be that malware writers wanted everyone to know about their worms and viruses; it was part of the fun and the notoriety. That tactic has changed considerably over the years.

Ask yourself this question: "What were the last three big malware outbreaks, and when did they happen?" Could you name three from within the last 18 months? If you can, you are definitely in the minority. Does this mean that hackers are no longer writing malware? The answer is definitely "No!" Their tactics, however, have changed. Instead of wanting to be overtly public about the outbreaks, malware writers now don't want anyone to find out about them. They want their malware to run silent and deep. They want it to go undetected for as long as possible. They don't necessarily want to infect thousands of machines; a small number of good victims is enough. That's because the goal is no longer publicity; it is money.

Think about rootkits for a minute. Rootkits are notoriously difficult to find and remove. So, what is the best defense? The answer is stopping them as they get installed. This is done by ensuring that the security defenses are always up and running, including while the laptop is mobile and not just when it attempts to connect back to the corporate LAN.

5.5.1. How Old Should Antivirus Definitions ...
