| Network security is an evolving animal that changes every year. Just as your virus protection changes its signature database, your company needs to change its endpoint security to maintain quality security control throughout your network. Hackers are modifying their approach to attacks constantly and if you don’t change how your network filters out these attacks, then you will lose the war.
Managing endpoint security and control on your network is a key factor in your overall |
|
| security. Today endpoint security requires a multi-layer approach. A study done by the European Network and Information Security Industry showed that more than half of all exploits come in the form of browser hijacks and vulnerabilities. Attacks today are also becoming much more blended which means they take advantage of multiple protocols and mediums to accomplish the task. Attacks like these require that all points in your network are covered and endpoint security of the past is no longer effective enough.
The best way to combat against blended attacks today is with a blended or multi-layer endpoint security solution. Intrusion prevention systems are a must. They are not just a solution for enterprise business, but also for small and medium sized business, if not even more so. Today small businesses are becoming a large target for attackers. This is due to the fact that many small businesses process credit card information today, but then lack the budget for a quality endpoint security and control infrastructure. This makes them a an easy target for attackers. Your endpoint security and control infrastructure today contains several features that help protect your network. They typically involve several of the following forms of protection: antimalware, desktop firewall, hardware gateway firewall, intrusion prevent and detection, device control, application monitoring, and network wide event monitoring. All these facets are usually monitored and controlled to provide a comprehensive endpoint security solution. Because each facet can now be broken down into a seperate product in and of itself, it allows for scalability among all business levels. |
|
Firewalls are commonplace now within corporate and even residential network environments. It is important to understand them and take a deeper look at firewalls. Corporations create a set of rules based on their security enabled network policy that determines what information can be accessed on the corporate network by all end users.
Firewalls have several ways of controlling traffic to and from the internal corporate network. Packet filtering is one method that firewalls use to process traffic in and out of the secure network. The firewall has a rules base that it matches the packet’s header information again to decide whether or not that traffic stream is allowed. If those packets match a set of rules that the firewall allows, then that traffic is allowed to pass through the firewall. If it not specifically allowed, (again, depending on the rules base) then generally the firewall denies the traffic.
Another way that firewalls can filter traffic is by using a proxy service. In this way, a firewall retrieves information from the web on behalf of the internal network nodes and then passes the information to the requesting computer.
A more advanced method that most modern firewalls now use today is called stateful packet inspection. This method is like packet filtering on steroids. It looks at the packet deeper and examines data within the actual packet and compares that data from trusted sources on the internet to ensure that the data does not have malicious intent. If the packet data is known to be malicious, then the firewall blocks the packet stream regardless of whether the packet matches the rules base of the firewall.
The methods that you choose to put in place in your network all depends on your security enabled network policy. Regardless of what method you decide on, be sure to take all aspects of network security into consideration and close off any open holes that are not required to be open on your firewall.