The threats to your network are constantly evolving, so
trying to defend your company is like trying to hit a moving target. Not only
are new threats coming from external players, but protecting yourself
from malicious insiders is also part of keeping the business secure. Here are
the “Top 5” technologies, in my opinion, that should be implemented within an
organization from a networking perspective to limit risk. This doesn’t mean
you’re secure, but applying these systems to your defense along with the proper
monitoring and policy is a step in the right direction.
Vulnerability Management
There are many forms of vulnerability management, but
knowing where you're vulnerable is a good place to start your security program.
Having an understanding of where you’re vulnerable in your systems,
applications and networks before someone with malicious intent does is highly
valuable.
Data Loss Prevention (DLP)
Protecting your company from data leakage or loss is
important. Many of these systems are designed to keep malicious intent from
coming into the network, but what happens if someone’s on the inside? Using DLP
to monitor and block protected information from leaving the network or being
touched by those who shouldn’t have access is another way to defend against
risk.
Log Management
If you’re not logging your systems you’ll be flying blind
when an attack happens. Notice I didn’t say “if” an attack happens. During incident
response you’ll wish you had the history or time machine of logs to rely on and
assist you with incident management. No one ever said, “I wish I didn’t have
all these logs” during an incident. Logging everything you have is essential.
Security Incident and Event Management (SIEM)
Now that we've talked about logging, let’s take it up a notch.
Now that you have the logs, what are you going to do with them? Establishing a
way to correlate these logs to catch attempts against your network's security
in real time is the next logical step. Creating rules and alerts based on the
data you’re collecting from your systems is essential for defense.
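As an added illustration (not code from the original post), here is a minimal correlation rule of the kind described above: it joins constructed authentication and firewall events and alerts when repeated failed logins from one address are followed by a success and then an outbound connection from the same host. The event fields, threshold and time window are assumptions, not any SIEM product's schema.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, assumed already normalized from two log sources.
EVENTS = [
    {"ts": "2024-01-01T10:00:00", "source": "auth", "src_ip": "203.0.113.7", "host": "web01", "outcome": "failure"},
    {"ts": "2024-01-01T10:00:20", "source": "auth", "src_ip": "203.0.113.7", "host": "web01", "outcome": "failure"},
    {"ts": "2024-01-01T10:00:40", "source": "auth", "src_ip": "203.0.113.7", "host": "web01", "outcome": "failure"},
    {"ts": "2024-01-01T10:01:00", "source": "auth", "src_ip": "203.0.113.7", "host": "web01", "outcome": "success"},
    {"ts": "2024-01-01T10:02:00", "source": "firewall", "host": "web01", "direction": "outbound", "action": "allow", "dst_ip": "198.51.100.20"},
    {"ts": "2024-01-01T10:03:00", "source": "auth", "src_ip": "192.0.2.10", "host": "db01", "outcome": "failure"},
    {"ts": "2024-01-01T10:03:30", "source": "auth", "src_ip": "192.0.2.10", "host": "db01", "outcome": "success"},
    {"ts": "2024-01-01T10:04:00", "source": "firewall", "host": "db01", "direction": "outbound", "action": "allow", "dst_ip": "198.51.100.30"},
]

THRESHOLD = 3                    # assumed: failed logins needed before a success is suspicious
WINDOW = timedelta(minutes=5)    # assumed: how long events stay related

def correlate(events, threshold=THRESHOLD, window=WINDOW):
    """Alert when >= threshold failed logins from one IP to one host are followed,
    within the window, by a success from that IP and then an allowed outbound
    connection from that host."""
    failures = defaultdict(deque)   # (src_ip, host) -> timestamps of recent failures
    suspects = {}                   # host -> (src_ip, time of the suspicious success)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        if ev["source"] == "auth":
            recent = failures[(ev["src_ip"], ev["host"])]
            while recent and ts - recent[0] > window:   # expire old failures
                recent.popleft()
            if ev["outcome"] == "failure":
                recent.append(ts)
            elif len(recent) >= threshold:              # success right after a burst
                suspects[ev["host"]] = (ev["src_ip"], ts)
                recent.clear()
        elif ev["source"] == "firewall" and ev["action"] == "allow":
            hit = suspects.get(ev["host"])
            if ev["direction"] == "outbound" and hit and ts - hit[1] <= window:
                alerts.append({"host": ev["host"], "login_from": hit[0],
                               "dest": ev["dst_ip"], "ts": ev["ts"]})
                del suspects[ev["host"]]
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print("ALERT", alert)
```

The single mistyped password on db01 produces no alert, which is the point of correlating across sources instead of alerting on each failed login.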
Next Generation Firewall/IPS
I’m lumping these two in the same category because this
market is starting to merge. Either way, having one or both of these systems
inline with your network will assist with blocking/alerting on malicious and
suspicious traffic that’s passing through them, normally on the perimeter or
between networks. Now that these systems are able to look into the packet data
and analyze through the stack, their importance in your network is vital.