Network Security Management - Call PBM IT Solutions at (888) 233-6471

With every new advance in computing and communications, some malicious hacker finds new ways to exploit that technology for gain or mischief. New hardware or software releases present a new opportunity. Peer-to-peer networking and Internet Messaging (IM) were still relatively new applications when their users were attacked by malicious code written specifically for them. Mobile phones are now targets of viruses. No one knows what's coming next, but the best defense is one that will be able to easily adapt to future threats without breaking the bank.

Cisco IronPort Web Security Appliances:
(1) Integrate industry-leading web-usage controls, reputation filtering, malware filtering, and data security.
(2) Take advantage of Cisco Security Intelligence Operations (SIO) and global threat correlation technology to help optimize threat detection and mitigation.
(3) Combine multiple layers of web security technology to combat complex and sophisticated web-based threats.
(4) Support built-in management capabilities to simplify administration and provide visibility into threat-related activity.

Cisco Secure Access Control System:
(1) Controls network access based on dynamic conditions and attributes through an easy-to-use management interface.
(2) Meets evolving access requirements with rule-based policies for flexibility and manageability.
(3) Simplifies management and increases compliance with integrated monitoring, reporting, and troubleshooting capabilities.
(4) Adopts an access policy that takes advantage of built-in integration capabilities and distributed deployment.
Network security tools include:
(1) Antivirus software packages: These packages counter most virus threats if regularly updated and correctly maintained.
(2) Secure network infrastructure: Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management. Dedicated network security hardware and software: Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
(3) Virtual private networks: These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
(4) Identity services: These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates, and digital authentication keys.
(5) Encryption: Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
(6) Security management: This is the glue that holds together the other building blocks of a strong security solution.

None of these approaches alone will be sufficient to protect a network, but when they are layered together, they can be highly effective in keeping a network safe from attacks and other threats to security. In addition, well-thought-out corporate policies are critical to determine and control access to various parts of the network.

A passive attack is characterized by the interception of messages without modification. There is no change to the network data or systems. The message itself may be read or its occurrence may simply be logged. Identifying the communicating parties and noting the duration and frequency of messages can be of significant value in itself.
From this knowledge, certain deductions or inferences may be drawn regarding the likely subject matter, the urgency or the implications of messages being sent. This type of activity is termed traffic analysis. Because there may be no evidence that an attack has taken place, prevention is a priority. Traffic analysis, however, may be a legitimate management activity because of the need to collect data showing usage of services, for instance. Some interception of traffic may also be considered necessary by governments and law enforcement agencies interested in the surveillance of criminal, terrorist and other activities. These agencies may have privileged physical access to sites and computer systems.

Security testing is an essential component of improving the security posture of your organization. Organizations that have an organized, systematic, comprehensive, ongoing, and priority-driven security testing regimen are in a much better position to make prudent investments to enhance the security posture of their systems.

Computer systems today are more powerful and more reliable than in the past; however, they are also more difficult to manage. System administration is a complex task, and increasingly it requires that system administration personnel receive specialized training. In addition, the number of trained system administrators has not kept pace with the increased numbers of networked systems. One result of this is that organizations need to take extra steps to ensure that their systems are configured correctly and securely. And they must do so in a cost-effective manner.

The standard one-time password dictionary from RFC 1760 helps maintain backwards compatibility with the various deployed systems; however, support for hexadecimal format passwords will also be mandatory to implement. The standard might specify pass phrase quality checks for the secret pass phrase.
The standard will be specified so as to eliminate any possible conflict with the Bellcore trademark on the term S/Key.

The Cisco Intrusion Prevention System:
(1) Identifies, classifies, and stops malicious traffic, including worms, spyware, adware, viruses, and application abuse.
(2) Delivers high-performance, intelligent threat detection and protection over a range of deployment options.
(3) Uses reputation filtering and global inspection to give businesses actionable intelligence and prevent threats with confidence.
(4) Promotes business continuity and helps businesses meet compliance needs.

Auditors face some challenges when reviewing router and firewall configurations. I'm going to discuss a few of them in this article. My assumption is that there is a device hardening standard in place, which points out the key elements of configuration. I am also assuming configuration review is only a small, and not the most important, part of the audit program (design assessment, change control, access control, etc. have to be done as well).